admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-11 16:13:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-11-20T07:00:17.340222+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-11-20 07:00:20 +00:00
parent f01f43f42a
commit c13381ea01
5 changed files with 83 additions and 185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

181
CVE-2021/CVE-2021-34xx/CVE-2021-3487.json
View File

@ -2,185 +2,14 @@
"id": "CVE-2021-3487", "id": "CVE-2021-3487",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2021-04-15T14:15:17.310", "published": "2021-04-15T14:15:17.310",
"lastModified": "2023-11-07T03:38:02.687", "lastModified": "2023-11-20T05:15:08.150",
"vulnStatus": "Modified", "vulnStatus": "Rejected",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption." "value": "Rejected reason: Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt"
},
{
"lang": "es",
"value": "Se presenta un fallo en la biblioteca BFD de binutils en versiones anteriores a 2.36. Un atacante que suministre un archivo dise\u00f1ado a una aplicaci\u00f3n vinculada con BFD y utilice la funcionalidad DWARF podr\u00eda causar un impacto en la disponibilidad del sistema mediante un consumo excesivo de la memoria"
} }
], ],
"metrics": { "metrics": {},
"cvssMetricV31": [ "references": []
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.36",
"matchCriteriaId": "7638503F-4510-4D02-B98D-4E5A38DC4C9C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1947111",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3Z3KSJY3CLAAFFT7FNFCJOMDITPQGN56/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6V2LF5AVOUTHPYY2O5TRNAIXVMXFDGL/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNBNDMJWZOQYCEZXENHBSM6DBZ332UZZ/",
"source": "secalert@redhat.com"
},
{
"url": "https://security.gentoo.org/glsa/202208-30",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
} }

32
CVE-2023/CVE-2023-467xx/CVE-2023-46700.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-46700",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-11-20T05:15:08.823",
"lastModified": "2023-11-20T05:15:08.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information stored in the database."
}
],
"metrics": {},
"references": [
{
"url": "https://jvn.jp/en/jp/JVN15005948/",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.luxsoft.eu/",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.luxsoft.eu/?download",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.luxsoft.eu/lcforum/viewtopic.php?id=476",
"source": "vultures@jpcert.or.jp"
}
]
}

32
CVE-2023/CVE-2023-471xx/CVE-2023-47175.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-47175",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-11-20T05:15:08.953",
"lastModified": "2023-11-20T05:15:08.953",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the product."
}
],
"metrics": {},
"references": [
{
"url": "https://jvn.jp/en/jp/JVN15005948/",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.luxsoft.eu/",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.luxsoft.eu/?download",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://www.luxsoft.eu/lcforum/viewtopic.php?id=476",
"source": "vultures@jpcert.or.jp"
}
]
}

6
CVE-2023/CVE-2023-61xx/CVE-2023-6174.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6174", "id": "CVE-2023-6174",
"sourceIdentifier": "cve@gitlab.com", "sourceIdentifier": "cve@gitlab.com",
"published": "2023-11-16T12:15:07.240", "published": "2023-11-16T12:15:07.240",
"lastModified": "2023-11-16T13:51:11.743", "lastModified": "2023-11-20T05:15:09.010",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
@ -55,6 +55,10 @@
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19369", "url": "https://gitlab.com/wireshark/wireshark/-/issues/19369",
"source": "cve@gitlab.com" "source": "cve@gitlab.com"
}, },
{
"url": "https://www.debian.org/security/2023/dsa-5559",
"source": "cve@gitlab.com"
},
{ {
"url": "https://www.wireshark.org/security/wnpa-sec-2023-28.html", "url": "https://www.wireshark.org/security/wnpa-sec-2023-28.html",
"source": "cve@gitlab.com" "source": "cve@gitlab.com"

17
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-11-20T05:00:17.447314+00:00 2023-11-20T07:00:17.340222+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-11-20T03:15:44.190000+00:00 2023-11-20T05:15:09.010000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,22 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
231117 231119
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `0` Recently added CVEs: `2`
* [CVE-2023-46700](CVE-2023/CVE-2023-467xx/CVE-2023-46700.json) (`2023-11-20T05:15:08.823`)
* [CVE-2023-47175](CVE-2023/CVE-2023-471xx/CVE-2023-47175.json) (`2023-11-20T05:15:08.953`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `3` Recently modified CVEs: `2`
* [CVE-2022-41717](CVE-2022/CVE-2022-417xx/CVE-2022-41717.json) (`2023-11-20T03:15:43.933`) * [CVE-2021-3487](CVE-2021/CVE-2021-34xx/CVE-2021-3487.json) (`2023-11-20T05:15:08.150`)
* [CVE-2022-41723](CVE-2022/CVE-2022-417xx/CVE-2022-41723.json) (`2023-11-20T03:15:44.077`) * [CVE-2023-6174](CVE-2023/CVE-2023-61xx/CVE-2023-6174.json) (`2023-11-20T05:15:09.010`)
* [CVE-2023-39325](CVE-2023/CVE-2023-393xx/CVE-2023-39325.json) (`2023-11-20T03:15:44.190`)
## Download and Usage ## Download and Usage