Auto-Update: 2023-11-20T07:00:17.340222+00:00

2025-07-11 16:13:34 +00:00 · 2023-11-20 07:00:20 +00:00 · 2023-11-20 07:00:20 +00:00 · c13381ea01
commit c13381ea01
parent f01f43f42a
5 changed files with 83 additions and 185 deletions
--- a/CVE-2021/CVE-2021-34xx/CVE-2021-3487.json
+++ b/CVE-2021/CVE-2021-34xx/CVE-2021-3487.json
@ -2,185 +2,14 @@
  "id": "CVE-2021-3487",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2021-04-15T14:15:17.310",
-  "lastModified": "2023-11-07T03:38:02.687",
-  "vulnStatus": "Modified",
+  "lastModified": "2023-11-20T05:15:08.150",
+  "vulnStatus": "Rejected",
  "descriptions": [
    {
      "lang": "en",
-      "value": "There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption."
-    },
-    {
-      "lang": "es",
-      "value": "Se presenta un fallo en la biblioteca BFD de binutils en versiones anteriores a 2.36.&#xa0;Un atacante que suministre un archivo dise\u00f1ado a una aplicaci\u00f3n vinculada con BFD y utilice la funcionalidad DWARF podr\u00eda causar un impacto en la disponibilidad del sistema mediante un consumo excesivo de la memoria"
+      "value": "Rejected reason: Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt"
    }
  ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "nvd@nist.gov",
-        "type": "Primary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
-          "attackVector": "NETWORK",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "NONE",
-          "userInteraction": "REQUIRED",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "NONE",
-          "integrityImpact": "NONE",
-          "availabilityImpact": "HIGH",
-          "baseScore": 6.5,
-          "baseSeverity": "MEDIUM"
-        },
-        "exploitabilityScore": 2.8,
-        "impactScore": 3.6
-      }
-    ],
-    "cvssMetricV2": [
-      {
-        "source": "nvd@nist.gov",
-        "type": "Primary",
-        "cvssData": {
-          "version": "2.0",
-          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
-          "accessVector": "NETWORK",
-          "accessComplexity": "MEDIUM",
-          "authentication": "NONE",
-          "confidentialityImpact": "NONE",
-          "integrityImpact": "NONE",
-          "availabilityImpact": "COMPLETE",
-          "baseScore": 7.1
-        },
-        "baseSeverity": "HIGH",
-        "exploitabilityScore": 8.6,
-        "impactScore": 6.9,
-        "acInsufInfo": false,
-        "obtainAllPrivilege": false,
-        "obtainUserPrivilege": false,
-        "obtainOtherPrivilege": false,
-        "userInteractionRequired": true
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "nvd@nist.gov",
-      "type": "Primary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-20"
-        }
-      ]
-    },
-    {
-      "source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
-      "type": "Secondary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-20"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*",
-              "versionEndExcluding": "2.36",
-              "matchCriteriaId": "7638503F-4510-4D02-B98D-4E5A38DC4C9C"
-            }
-          ]
-        }
-      ]
-    },
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
-              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
-              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
-              "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
-            }
-          ]
-        }
-      ]
-    },
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
-              "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
-              "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
-              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1947111",
-      "source": "secalert@redhat.com",
-      "tags": [
-        "Issue Tracking",
-        "Patch",
-        "Third Party Advisory"
-      ]
-    },
-    {
-      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3Z3KSJY3CLAAFFT7FNFCJOMDITPQGN56/",
-      "source": "secalert@redhat.com"
-    },
-    {
-      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6V2LF5AVOUTHPYY2O5TRNAIXVMXFDGL/",
-      "source": "secalert@redhat.com"
-    },
-    {
-      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNBNDMJWZOQYCEZXENHBSM6DBZ332UZZ/",
-      "source": "secalert@redhat.com"
-    },
-    {
-      "url": "https://security.gentoo.org/glsa/202208-30",
-      "source": "secalert@redhat.com",
-      "tags": [
-        "Third Party Advisory"
-      ]
-    }
-  ]
+  "metrics": {},
+  "references": []
 }
--- a/CVE-2023/CVE-2023-467xx/CVE-2023-46700.json
+++ b/CVE-2023/CVE-2023-467xx/CVE-2023-46700.json
@ -0,0 +1,32 @@
+{
+  "id": "CVE-2023-46700",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2023-11-20T05:15:08.823",
+  "lastModified": "2023-11-20T05:15:08.823",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information stored in the database."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN15005948/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/?download",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/lcforum/viewtopic.php?id=476",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-471xx/CVE-2023-47175.json
+++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47175.json
@ -0,0 +1,32 @@
+{
+  "id": "CVE-2023-47175",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2023-11-20T05:15:08.953",
+  "lastModified": "2023-11-20T05:15:08.953",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the product."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN15005948/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/?download",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.luxsoft.eu/lcforum/viewtopic.php?id=476",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-61xx/CVE-2023-6174.json
+++ b/CVE-2023/CVE-2023-61xx/CVE-2023-6174.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-6174",
  "sourceIdentifier": "cve@gitlab.com",
  "published": "2023-11-16T12:15:07.240",
-  "lastModified": "2023-11-16T13:51:11.743",
+  "lastModified": "2023-11-20T05:15:09.010",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
@ -55,6 +55,10 @@
      "url": "https://gitlab.com/wireshark/wireshark/-/issues/19369",
      "source": "cve@gitlab.com"
    },
+    {
+      "url": "https://www.debian.org/security/2023/dsa-5559",
+      "source": "cve@gitlab.com"
+    },
    {
      "url": "https://www.wireshark.org/security/wnpa-sec-2023-28.html",
      "source": "cve@gitlab.com"
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-11-20T05:00:17.447314+00:00
+2023-11-20T07:00:17.340222+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-11-20T03:15:44.190000+00:00
+2023-11-20T05:15:09.010000+00:00
 ```

 ### Last Data Feed Release
@ -29,22 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-231117
+231119
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `0`
+Recently added CVEs: `2`

+* [CVE-2023-46700](CVE-2023/CVE-2023-467xx/CVE-2023-46700.json) (`2023-11-20T05:15:08.823`)
+* [CVE-2023-47175](CVE-2023/CVE-2023-471xx/CVE-2023-47175.json) (`2023-11-20T05:15:08.953`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `3`
+Recently modified CVEs: `2`

-* [CVE-2022-41717](CVE-2022/CVE-2022-417xx/CVE-2022-41717.json) (`2023-11-20T03:15:43.933`)
-* [CVE-2022-41723](CVE-2022/CVE-2022-417xx/CVE-2022-41723.json) (`2023-11-20T03:15:44.077`)
-* [CVE-2023-39325](CVE-2023/CVE-2023-393xx/CVE-2023-39325.json) (`2023-11-20T03:15:44.190`)
+* [CVE-2021-3487](CVE-2021/CVE-2021-34xx/CVE-2021-3487.json) (`2023-11-20T05:15:08.150`)
+* [CVE-2023-6174](CVE-2023/CVE-2023-61xx/CVE-2023-6174.json) (`2023-11-20T05:15:09.010`)


 ## Download and Usage