Auto-Update: 2023-10-30T03:00:33.911697+00:00

2025-05-08 11:37:26 +00:00 · 2023-10-30 03:00:37 +00:00 · 2023-10-30 03:00:37 +00:00 · c61b845a77
commit c61b845a77
parent 4ba9604afc
6 changed files with 157 additions and 19 deletions
--- a/CVE-2022/CVE-2022-383xx/CVE-2022-38398.json
+++ b/CVE-2022/CVE-2022-383xx/CVE-2022-38398.json
@ -2,8 +2,8 @@
  "id": "CVE-2022-38398",
  "sourceIdentifier": "security@apache.org",
  "published": "2022-09-22T15:15:09.287",
-  "lastModified": "2023-10-15T00:15:09.897",
-  "vulnStatus": "Modified",
+  "lastModified": "2023-10-30T02:18:05.193",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
@ -75,6 +75,21 @@
          ]
        }
      ]
+    },
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
+            }
+          ]
+        }
+      ]
    }
  ],
  "references": [
@ -88,7 +103,10 @@
    },
    {
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html",
-      "source": "security@apache.org"
+      "source": "security@apache.org",
+      "tags": [
+        "Mailing List"
+      ]
    }
  ]
 }
--- a/CVE-2022/CVE-2022-447xx/CVE-2022-44729.json
+++ b/CVE-2022/CVE-2022-447xx/CVE-2022-44729.json
@ -2,8 +2,8 @@
  "id": "CVE-2022-44729",
  "sourceIdentifier": "security@apache.org",
  "published": "2023-08-22T19:16:29.833",
-  "lastModified": "2023-10-15T00:15:10.170",
-  "vulnStatus": "Modified",
+  "lastModified": "2023-10-30T02:17:57.743",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
@ -63,6 +63,21 @@
          ]
        }
      ]
+    },
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
+            }
+          ]
+        }
+      ]
    }
  ],
  "references": [
@ -92,7 +107,10 @@
    },
    {
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html",
-      "source": "security@apache.org"
+      "source": "security@apache.org",
+      "tags": [
+        "Mailing List"
+      ]
    },
    {
      "url": "https://xmlgraphics.apache.org/security.html",
--- a/CVE-2022/CVE-2022-447xx/CVE-2022-44730.json
+++ b/CVE-2022/CVE-2022-447xx/CVE-2022-44730.json
@ -2,8 +2,8 @@
  "id": "CVE-2022-44730",
  "sourceIdentifier": "security@apache.org",
  "published": "2023-08-22T19:16:29.930",
-  "lastModified": "2023-10-15T00:15:10.257",
-  "vulnStatus": "Modified",
+  "lastModified": "2023-10-30T02:18:01.513",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
@ -63,6 +63,21 @@
          ]
        }
      ]
+    },
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
+            }
+          ]
+        }
+      ]
    }
  ],
  "references": [
@ -92,7 +107,10 @@
    },
    {
      "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html",
-      "source": "security@apache.org"
+      "source": "security@apache.org",
+      "tags": [
+        "Mailing List"
+      ]
    },
    {
      "url": "https://xmlgraphics.apache.org/security.html",
--- a/CVE-2023/CVE-2023-468xx/CVE-2023-46865.json
+++ b/CVE-2023/CVE-2023-468xx/CVE-2023-46865.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2023-46865",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-30T01:15:21.967",
+  "lastModified": "2023-10-30T01:15:21.967",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "/api/v1/company/upload-logo in CompanyController.php in crater through 6.0.6 allows a superadmin to execute arbitrary PHP code by placing this code into an image/png IDAT chunk of a Company Logo image."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/crater-invoice/crater/issues/1267",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/crater-invoice/crater/pull/1271",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-58xx/CVE-2023-5842.json
+++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5842.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-5842",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2023-10-30T01:15:22.013",
+  "lastModified": "2023-10-30T01:15:22.013",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr prior to 16.0.5."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.8,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.7,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/dolibarr/dolibarr/commit/f569048eb2bd823525bce4ef52316e7a83e3345c",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.com/bounties/aed81114-5952-46f5-ae3a-e66518e98ba3",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-10-30T00:55:26.083424+00:00
+2023-10-30T03:00:33.911697+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-10-30T00:15:39.237000+00:00
+2023-10-30T02:18:05.193000+00:00
 ```

 ### Last Data Feed Release
@ -23,29 +23,30 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2023-10-29T00:00:13.958831+00:00
+2023-10-30T01:00:13.533300+00:00
 ```

 ### Total Number of included CVEs

 ```plain
-229122
+229124
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `4`
+Recently added CVEs: `2`

-* [CVE-2023-44002](CVE-2023/CVE-2023-440xx/CVE-2023-44002.json) (`2023-10-30T00:15:39.077`)
-* [CVE-2023-46863](CVE-2023/CVE-2023-468xx/CVE-2023-46863.json) (`2023-10-30T00:15:39.157`)
-* [CVE-2023-46864](CVE-2023/CVE-2023-468xx/CVE-2023-46864.json) (`2023-10-30T00:15:39.200`)
-* [CVE-2023-4393](CVE-2023/CVE-2023-43xx/CVE-2023-4393.json) (`2023-10-30T00:15:39.237`)
+* [CVE-2023-46865](CVE-2023/CVE-2023-468xx/CVE-2023-46865.json) (`2023-10-30T01:15:21.967`)
+* [CVE-2023-5842](CVE-2023/CVE-2023-58xx/CVE-2023-5842.json) (`2023-10-30T01:15:22.013`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `3`

+* [CVE-2022-44729](CVE-2022/CVE-2022-447xx/CVE-2022-44729.json) (`2023-10-30T02:17:57.743`)
+* [CVE-2022-44730](CVE-2022/CVE-2022-447xx/CVE-2022-44730.json) (`2023-10-30T02:18:01.513`)
+* [CVE-2022-38398](CVE-2022/CVE-2022-383xx/CVE-2022-38398.json) (`2023-10-30T02:18:05.193`)


 ## Download and Usage