Auto-Update: 2023-11-12T17:00:18.597604+00:00

2025-07-09 16:05:11 +00:00 · 2023-11-12 17:00:22 +00:00 · 2023-11-12 17:00:22 +00:00 · d0cea71719
commit d0cea71719
parent fa6cf433f0
5 changed files with 34 additions and 12 deletions
--- a/CVE-2023/CVE-2023-406xx/CVE-2023-40611.json
+++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40611.json
@ -2,12 +2,16 @@
  "id": "CVE-2023-40611",
  "sourceIdentifier": "security@apache.org",
  "published": "2023-09-12T12:15:08.200",
-  "lastModified": "2023-09-13T03:51:07.913",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-12T15:15:07.600",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows\u00a0authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have them alter details such as configuration parameters, start date, etc.\n\nUsers should upgrade to version 2.7.1 or later which has removed the vulnerability.\n"
+    },
+    {
+      "lang": "es",
+      "value": "Apache Airflow, versiones anteriores a 2.7.1, se ve afectada por una vulnerabilidad que permite a los usuarios autenticados y autorizados para DAG-view modificar algunos valores de detalles de ejecuci\u00f3n de DAG al enviar notas. Esto podr\u00eda hacer que alteren detalles como los par\u00e1metros de configuraci\u00f3n, la fecha de inicio, etc. Los usuarios deben actualizar a la versi\u00f3n 2.7.1 o posterior, que ha eliminado la vulnerabilidad."
    }
  ],
  "metrics": {
@ -75,6 +79,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/11/12/1",
+      "source": "security@apache.org"
+    },
    {
      "url": "https://github.com/apache/airflow/pull/33413",
      "source": "security@apache.org",
--- a/CVE-2023/CVE-2023-426xx/CVE-2023-42663.json
+++ b/CVE-2023/CVE-2023-426xx/CVE-2023-42663.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-42663",
  "sourceIdentifier": "security@apache.org",
  "published": "2023-10-14T10:15:09.940",
-  "lastModified": "2023-10-18T18:46:22.287",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-11-12T15:15:07.773",
+  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
@ -69,6 +69,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/11/12/2",
+      "source": "security@apache.org"
+    },
    {
      "url": "https://github.com/apache/airflow/pull/34315",
      "source": "security@apache.org",
--- a/CVE-2023/CVE-2023-427xx/CVE-2023-42781.json
+++ b/CVE-2023/CVE-2023-427xx/CVE-2023-42781.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-42781",
  "sourceIdentifier": "security@apache.org",
  "published": "2023-11-12T14:15:25.847",
-  "lastModified": "2023-11-12T14:15:25.847",
+  "lastModified": "2023-11-12T15:15:07.883",
  "vulnStatus": "Received",
  "descriptions": [
    {
@ -24,6 +24,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/11/12/2",
+      "source": "security@apache.org"
+    },
    {
      "url": "https://github.com/apache/airflow/pull/34939",
      "source": "security@apache.org"
--- a/CVE-2023/CVE-2023-470xx/CVE-2023-47037.json
+++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47037.json
@ -2,7 +2,7 @@
  "id": "CVE-2023-47037",
  "sourceIdentifier": "security@apache.org",
  "published": "2023-11-12T14:15:25.980",
-  "lastModified": "2023-11-12T14:15:25.980",
+  "lastModified": "2023-11-12T15:15:07.950",
  "vulnStatus": "Received",
  "descriptions": [
    {
@ -24,6 +24,10 @@
    }
  ],
  "references": [
+    {
+      "url": "http://www.openwall.com/lists/oss-security/2023/11/12/1",
+      "source": "security@apache.org"
+    },
    {
      "url": "https://github.com/apache/airflow/pull/33413",
      "source": "security@apache.org"
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-11-12T15:00:20.927018+00:00
+2023-11-12T17:00:18.597604+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-11-12T14:15:25.980000+00:00
+2023-11-12T15:15:07.950000+00:00
 ```

 ### Last Data Feed Release
@ -34,16 +34,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/

 ### CVEs added in the last Commit

-Recently added CVEs: `2`
+Recently added CVEs: `0`

-* [CVE-2023-42781](CVE-2023/CVE-2023-427xx/CVE-2023-42781.json) (`2023-11-12T14:15:25.847`)
-* [CVE-2023-47037](CVE-2023/CVE-2023-470xx/CVE-2023-47037.json) (`2023-11-12T14:15:25.980`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `4`

+* [CVE-2023-40611](CVE-2023/CVE-2023-406xx/CVE-2023-40611.json) (`2023-11-12T15:15:07.600`)
+* [CVE-2023-42663](CVE-2023/CVE-2023-426xx/CVE-2023-42663.json) (`2023-11-12T15:15:07.773`)
+* [CVE-2023-42781](CVE-2023/CVE-2023-427xx/CVE-2023-42781.json) (`2023-11-12T15:15:07.883`)
+* [CVE-2023-47037](CVE-2023/CVE-2023-470xx/CVE-2023-47037.json) (`2023-11-12T15:15:07.950`)


 ## Download and Usage