From c7fd08b2d5afa21d286036c1ec301261bb5123eb Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sun, 24 Nov 2024 13:04:06 +0000 Subject: [PATCH] Auto-Update: 2024-11-24T13:00:55.743039+00:00 --- CVE-2023/CVE-2023-411xx/CVE-2023-41175.json | 74 +++++++++++-------- CVE-2023/CVE-2023-62xx/CVE-2023-6267.json | 80 +++++++++++++-------- README.md | 13 ++-- _state.csv | 10 +-- 4 files changed, 108 insertions(+), 69 deletions(-) diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41175.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41175.json index 73aadcf5d9b..7a6ef32da1d 100644 --- a/CVE-2023/CVE-2023-411xx/CVE-2023-41175.json +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41175.json @@ -2,9 +2,8 @@ "id": "CVE-2023-41175", "sourceIdentifier": "secalert@redhat.com", "published": "2023-10-05T19:15:11.340", - "lastModified": "2024-04-30T15:15:50.720", + "lastModified": "2024-11-24T12:15:14.740", "vulnStatus": "Modified", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -17,32 +16,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "NONE", - "integrityImpact": "NONE", - "availabilityImpact": "HIGH", - "baseScore": 6.5, - "baseSeverity": "MEDIUM" - }, - "exploitabilityScore": 2.8, - "impactScore": 3.6 - }, { "source": "secalert@redhat.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -50,9 +31,27 @@ "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", - "availabilityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, - "baseSeverity": "MEDIUM" + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 3.6 @@ -61,22 +60,22 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "secalert@redhat.com", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-190" + "value": "CWE-122" } ] }, { - "source": "secalert@redhat.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-680" + "value": "CWE-190" } ] } @@ -143,6 +142,25 @@ "Issue Tracking", "Third Party Advisory" ] + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:2289", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2023-41175", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235264", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6267.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6267.json index 1c790b880d1..5b2cab1dbb4 100644 --- a/CVE-2023/CVE-2023-62xx/CVE-2023-6267.json +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6267.json @@ -2,9 +2,8 @@ "id": "CVE-2023-6267", "sourceIdentifier": "secalert@redhat.com", "published": "2024-01-25T19:15:08.260", - "lastModified": "2024-02-17T10:15:07.890", + "lastModified": "2024-11-24T12:15:15.367", "vulnStatus": "Modified", - "cveTags": [], "descriptions": [ { "lang": "en", @@ -17,32 +16,14 @@ ], "metrics": { "cvssMetricV31": [ - { - "source": "nvd@nist.gov", - "type": "Primary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 5.9 - }, { "source": "secalert@redhat.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", + "baseScore": 8.6, + "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -50,33 +31,51 @@ "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "HIGH", - "baseScore": 8.6, - "baseSeverity": "HIGH" + "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 4.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "secalert@redhat.com", "type": "Primary", "description": [ { "lang": "en", - "value": "CWE-755" + "value": "CWE-502" } ] }, { - "source": "secalert@redhat.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-280" + "value": "CWE-755" } ] } @@ -139,6 +138,29 @@ "Issue Tracking", "Vendor Advisory" ] + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:0494", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2024:0495", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2023-6267", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251155", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 9802be7f197..93dc7c92f06 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-24T03:03:49.094100+00:00 +2024-11-24T13:00:55.743039+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-24T02:15:16.030000+00:00 +2024-11-24T12:15:15.367000+00:00 ``` ### Last Data Feed Release @@ -38,17 +38,16 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `0` -- [CVE-2024-11233](CVE-2024/CVE-2024-112xx/CVE-2024-11233.json) (`2024-11-24T02:15:16.030`) -- [CVE-2024-11234](CVE-2024/CVE-2024-112xx/CVE-2024-11234.json) (`2024-11-24T01:15:03.987`) -- [CVE-2024-11236](CVE-2024/CVE-2024-112xx/CVE-2024-11236.json) (`2024-11-24T01:15:04.387`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `2` +- [CVE-2023-41175](CVE-2023/CVE-2023-411xx/CVE-2023-41175.json) (`2024-11-24T12:15:14.740`) +- [CVE-2023-6267](CVE-2023/CVE-2023-62xx/CVE-2023-6267.json) (`2024-11-24T12:15:15.367`) ## Download and Usage diff --git a/_state.csv b/_state.csv index f8f09b060b1..cfb4b8d0dd5 100644 --- a/_state.csv +++ b/_state.csv @@ -231586,7 +231586,7 @@ CVE-2023-41171,0,0,e91c1c0983b18373caa01d2fc3829d4aca5526f6ea91f09225762071e0c00 CVE-2023-41172,0,0,a2a36b7918a13bed62f70cad725e2f7ca8218a25c101404c0106500b1a272788,2023-12-12T18:11:23.157000 CVE-2023-41173,0,0,44360db06d77e3ca130be3f73c6fa563158b2ab9fb89660101960bfa3809c8da,2024-10-02T18:35:07.057000 CVE-2023-41174,0,0,2b2ea5ae0f2b5c6f0c6c3a442733edf6861dc2bbb5ee3334bd5d62867b5b303e,2023-11-07T04:20:56.423000 -CVE-2023-41175,0,0,fbe29740e79a6f110bab7b90278d9d39985394d1613cf8901fe1335b4b6514e4,2024-04-30T15:15:50.720000 +CVE-2023-41175,0,1,cb65543453f121349d5cfbc0b570e4d3e43da4a0cb71aa166cae8accaf9748e8,2024-11-24T12:15:14.740000 CVE-2023-41176,0,0,735a0bc0e4dcb12596e8399bf2bb3db1e454d6b0ecbf729493e45efd006cfa90,2024-01-29T17:36:19.543000 CVE-2023-41177,0,0,85d92f4605d3211cf1bde63a5199a5251834ff7f9b179a06c1231042c732c91a,2024-01-29T17:36:01.880000 CVE-2023-41178,0,0,ae4285b4cb6a4ba4be6bd1f532eeda2be8bd03382dfa154527e14597a8ca5649,2024-01-29T17:35:46.797000 @@ -240819,7 +240819,7 @@ CVE-2023-6263,0,0,6ffbe7a0f3ed5da65854400a3ae0f9155c9da08a9eb879f8adbcc066abc0ab CVE-2023-6264,0,0,bf7f0e509c0a54e71114843664df9d940b4cca0fe96092175c117a53c783fa32,2023-12-01T03:51:45.277000 CVE-2023-6265,0,0,51fef7a1d70a0713d35cf095b64918c44089e076c67fa317ecf944dd1c1b4cc0,2024-08-02T09:15:35.073000 CVE-2023-6266,0,0,f933e3bedba95dd495fb578e964515f95892aaed9560e4c9e46b1e0c0e076d10,2024-01-17T20:13:08.783000 -CVE-2023-6267,0,0,15937d7df0dba00b18e56c62079d33fd6be4f88aa6a0b6361abc65d3ff3137c7,2024-02-17T10:15:07.890000 +CVE-2023-6267,0,1,7dbad07cbe2117f7c8606002b426a645fab5d0c92848bf711b0933f831ebe257,2024-11-24T12:15:15.367000 CVE-2023-6268,0,0,45dfb68afc069393d3628900f65c6191652ee16c03fc7a8017e48e14bf1edd9a,2024-01-04T03:14:37.020000 CVE-2023-6269,0,0,0bfa35c6ca8316c74fb5cc127597f80feb0289558fe11e8a4f742ed223ba9bb3,2023-12-13T17:15:07.400000 CVE-2023-6270,0,0,d00bdd52db567626fb03ea16d06bfd12d7d4f39059f0134b911e740fab0af4ee,2024-06-27T13:15:54.233000 @@ -243432,9 +243432,9 @@ CVE-2024-11228,0,0,9fc5ec42228f59de6756223b2f66605b831df8cf5121ac71cae8165002d20 CVE-2024-11229,0,0,8de69af2e8ef71bf0699d395c3530a96b920df18def0dd7e9945c9cd35c53cd6,2024-11-23T12:15:18.983000 CVE-2024-1123,0,0,b973e4c54de6f241a32cf221a70e04068421d86df4d000867b2228a54e55ef35,2024-03-11T01:32:39.697000 CVE-2024-11231,0,0,340d4a67a1a53dfc3acaeb8d7a5545a089dda27cdd6d90b8d47ab035e0216159,2024-11-23T12:15:19.387000 -CVE-2024-11233,1,1,48390651d2a1ab2f99be692a515e725d9d6cfe2358f0d5991075187c2c6a2bf6,2024-11-24T02:15:16.030000 -CVE-2024-11234,1,1,8e921bffe97e147ad3138319e38f36b4c41b3c2c99dfe5064af2e2b07c838f5e,2024-11-24T01:15:03.987000 -CVE-2024-11236,1,1,4bcc8eabd790c7d86c7d4b9f4e5c8bbcb8e875f455dfed03d4d8c52ac0cc6fd1,2024-11-24T01:15:04.387000 +CVE-2024-11233,0,0,48390651d2a1ab2f99be692a515e725d9d6cfe2358f0d5991075187c2c6a2bf6,2024-11-24T02:15:16.030000 +CVE-2024-11234,0,0,8e921bffe97e147ad3138319e38f36b4c41b3c2c99dfe5064af2e2b07c838f5e,2024-11-24T01:15:03.987000 +CVE-2024-11236,0,0,4bcc8eabd790c7d86c7d4b9f4e5c8bbcb8e875f455dfed03d4d8c52ac0cc6fd1,2024-11-24T01:15:04.387000 CVE-2024-11237,0,0,9213e2a4eef9d88853d744219598c19b6ea93ab11d996277723bb7fe3b4dafb0,2024-11-19T19:04:14.987000 CVE-2024-11238,0,0,ce4db66c60999acd981d78df2e1b620167b9a91ec92fb71a2c401cfcff716486,2024-11-19T19:01:13.060000 CVE-2024-11239,0,0,aefb59a8cfc2086746090c1190902046658072a530e6347767791876e7172fb6,2024-11-19T19:00:43.230000