Auto-Update: 2023-06-19T10:00:29.586574+00:00

2025-07-09 16:05:11 +00:00 · 2023-06-19 10:00:33 +00:00 · 2023-06-19 10:00:33 +00:00 · aee40ff0c5
commit aee40ff0c5
parent 1de4c4ae17
4 changed files with 55 additions and 11 deletions
--- a/CVE-2023/CVE-2023-33xx/CVE-2023-3309.json
+++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3309.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-3309",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2023-06-18T12:15:09.267",
-  "lastModified": "2023-06-18T12:15:09.267",
+  "lastModified": "2023-06-19T08:15:09.270",
  "vulnStatus": "Received",
  "descriptions": [
    {
@ -72,6 +72,10 @@
    }
  ],
  "references": [
+    {
+      "url": "https://kr1shna4garwal.github.io/posts/cve-poc-2023/#cve-2023-3309",
+      "source": "cna@vuldb.com"
+    },
    {
      "url": "https://vuldb.com/?ctiid.231805",
      "source": "cna@vuldb.com"
--- a/CVE-2023/CVE-2023-33xx/CVE-2023-3311.json
+++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3311.json
@ -2,12 +2,12 @@
  "id": "CVE-2023-3311",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2023-06-18T15:15:11.660",
-  "lastModified": "2023-06-18T15:15:11.660",
+  "lastModified": "2023-06-19T08:15:09.447",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
-      "value": "A vulnerability, which was classified as problematic, was found in SourceCodester Advance Charity Management System 1.0. This affects an unknown part of the file addsuppliers.php. The manipulation of the argument First name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-231807."
+      "value": "A vulnerability, which was classified as problematic, was found in PuneethReddyHC online-shopping-system-advanced 1.0. This affects an unknown part of the file addsuppliers.php. The manipulation of the argument First name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231807."
    }
  ],
  "metrics": {
--- a/CVE-2023/CVE-2023-350xx/CVE-2023-35005.json
+++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35005.json
@ -0,0 +1,40 @@
+{
+  "id": "CVE-2023-35005",
+  "sourceIdentifier": "security@apache.org",
+  "published": "2023-06-19T09:15:09.380",
+  "lastModified": "2023-06-19T09:15:09.380",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In Apache Airflow, some potentially sensitive values were being shown to the user in certain situations.\n\nThis vulnerability is mitigated by the fact configuration is not shown in the UI by default (only if `[webserver] expose_config` is set to `non-sensitive-only`), and not all uncensored values are actually sentitive.\n\n\nThis issue affects Apache Airflow: from 2.5.0 before 2.6.2. Users are recommended to update to version 2.6.2 or later.\n\n\n"
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@apache.org",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-200"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/apache/airflow/pull/31788",
+      "source": "security@apache.org"
+    },
+    {
+      "url": "https://github.com/apache/airflow/pull/31820",
+      "source": "security@apache.org"
+    },
+    {
+      "url": "https://lists.apache.org/thread/o4f2cxh0054m9tlxpb81c1yhylor5gjd",
+      "source": "security@apache.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-06-19T08:00:30.760061+00:00
+2023-06-19T10:00:29.586574+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-06-19T06:15:09.240000+00:00
+2023-06-19T09:15:09.380000+00:00
 ```

 ### Last Data Feed Release
@ -29,22 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-218020
+218021
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `1`

-* [CVE-2023-34602](CVE-2023/CVE-2023-346xx/CVE-2023-34602.json) (`2023-06-19T06:15:09.047`)
-* [CVE-2023-34603](CVE-2023/CVE-2023-346xx/CVE-2023-34603.json) (`2023-06-19T06:15:09.180`)
-* [CVE-2023-35866](CVE-2023/CVE-2023-358xx/CVE-2023-35866.json) (`2023-06-19T06:15:09.240`)
+* [CVE-2023-35005](CVE-2023/CVE-2023-350xx/CVE-2023-35005.json) (`2023-06-19T09:15:09.380`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `2`

+* [CVE-2023-3309](CVE-2023/CVE-2023-33xx/CVE-2023-3309.json) (`2023-06-19T08:15:09.270`)
+* [CVE-2023-3311](CVE-2023/CVE-2023-33xx/CVE-2023-3311.json) (`2023-06-19T08:15:09.447`)


 ## Download and Usage