From d0cea71719f7625a58936f859aec956e23c3fd8d Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sun, 12 Nov 2023 17:00:22 +0000 Subject: [PATCH] Auto-Update: 2023-11-12T17:00:18.597604+00:00 --- CVE-2023/CVE-2023-406xx/CVE-2023-40611.json | 12 ++++++++++-- CVE-2023/CVE-2023-426xx/CVE-2023-42663.json | 8 ++++++-- CVE-2023/CVE-2023-427xx/CVE-2023-42781.json | 6 +++++- CVE-2023/CVE-2023-470xx/CVE-2023-47037.json | 6 +++++- README.md | 14 ++++++++------ 5 files changed, 34 insertions(+), 12 deletions(-) diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40611.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40611.json index b81ff345e55..ec08c7c1f28 100644 --- a/CVE-2023/CVE-2023-406xx/CVE-2023-40611.json +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40611.json @@ -2,12 +2,16 @@ "id": "CVE-2023-40611", "sourceIdentifier": "security@apache.org", "published": "2023-09-12T12:15:08.200", - "lastModified": "2023-09-13T03:51:07.913", - "vulnStatus": "Analyzed", + "lastModified": "2023-11-12T15:15:07.600", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows\u00a0authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have them alter details such as configuration parameters, start date, etc.\n\nUsers should upgrade to version 2.7.1 or later which has removed the vulnerability.\n" + }, + { + "lang": "es", + "value": "Apache Airflow, versiones anteriores a 2.7.1, se ve afectada por una vulnerabilidad que permite a los usuarios autenticados y autorizados para DAG-view modificar algunos valores de detalles de ejecuci\u00f3n de DAG al enviar notas. Esto podr\u00eda hacer que alteren detalles como los par\u00e1metros de configuraci\u00f3n, la fecha de inicio, etc. Los usuarios deben actualizar a la versi\u00f3n 2.7.1 o posterior, que ha eliminado la vulnerabilidad." } ], "metrics": { @@ -75,6 +79,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/11/12/1", + "source": "security@apache.org" + }, { "url": "https://github.com/apache/airflow/pull/33413", "source": "security@apache.org", diff --git a/CVE-2023/CVE-2023-426xx/CVE-2023-42663.json b/CVE-2023/CVE-2023-426xx/CVE-2023-42663.json index 09c3909f6b8..abdd42e3c3e 100644 --- a/CVE-2023/CVE-2023-426xx/CVE-2023-42663.json +++ b/CVE-2023/CVE-2023-426xx/CVE-2023-42663.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42663", "sourceIdentifier": "security@apache.org", "published": "2023-10-14T10:15:09.940", - "lastModified": "2023-10-18T18:46:22.287", - "vulnStatus": "Analyzed", + "lastModified": "2023-11-12T15:15:07.773", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -69,6 +69,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/11/12/2", + "source": "security@apache.org" + }, { "url": "https://github.com/apache/airflow/pull/34315", "source": "security@apache.org", diff --git a/CVE-2023/CVE-2023-427xx/CVE-2023-42781.json b/CVE-2023/CVE-2023-427xx/CVE-2023-42781.json index 9f6cf6ffbf2..5771b1eefe6 100644 --- a/CVE-2023/CVE-2023-427xx/CVE-2023-42781.json +++ b/CVE-2023/CVE-2023-427xx/CVE-2023-42781.json @@ -2,7 +2,7 @@ "id": "CVE-2023-42781", "sourceIdentifier": "security@apache.org", "published": "2023-11-12T14:15:25.847", - "lastModified": "2023-11-12T14:15:25.847", + "lastModified": "2023-11-12T15:15:07.883", "vulnStatus": "Received", "descriptions": [ { @@ -24,6 +24,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/11/12/2", + "source": "security@apache.org" + }, { "url": "https://github.com/apache/airflow/pull/34939", "source": "security@apache.org" diff --git a/CVE-2023/CVE-2023-470xx/CVE-2023-47037.json b/CVE-2023/CVE-2023-470xx/CVE-2023-47037.json index b60361fda8f..69764f8cc5e 100644 --- a/CVE-2023/CVE-2023-470xx/CVE-2023-47037.json +++ b/CVE-2023/CVE-2023-470xx/CVE-2023-47037.json @@ -2,7 +2,7 @@ "id": "CVE-2023-47037", "sourceIdentifier": "security@apache.org", "published": "2023-11-12T14:15:25.980", - "lastModified": "2023-11-12T14:15:25.980", + "lastModified": "2023-11-12T15:15:07.950", "vulnStatus": "Received", "descriptions": [ { @@ -24,6 +24,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/11/12/1", + "source": "security@apache.org" + }, { "url": "https://github.com/apache/airflow/pull/33413", "source": "security@apache.org" diff --git a/README.md b/README.md index ebe7e1aa67f..bbd95173694 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-11-12T15:00:20.927018+00:00 +2023-11-12T17:00:18.597604+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-11-12T14:15:25.980000+00:00 +2023-11-12T15:15:07.950000+00:00 ``` ### Last Data Feed Release @@ -34,16 +34,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `0` -* [CVE-2023-42781](CVE-2023/CVE-2023-427xx/CVE-2023-42781.json) (`2023-11-12T14:15:25.847`) -* [CVE-2023-47037](CVE-2023/CVE-2023-470xx/CVE-2023-47037.json) (`2023-11-12T14:15:25.980`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `4` +* [CVE-2023-40611](CVE-2023/CVE-2023-406xx/CVE-2023-40611.json) (`2023-11-12T15:15:07.600`) +* [CVE-2023-42663](CVE-2023/CVE-2023-426xx/CVE-2023-42663.json) (`2023-11-12T15:15:07.773`) +* [CVE-2023-42781](CVE-2023/CVE-2023-427xx/CVE-2023-42781.json) (`2023-11-12T15:15:07.883`) +* [CVE-2023-47037](CVE-2023/CVE-2023-470xx/CVE-2023-47037.json) (`2023-11-12T15:15:07.950`) ## Download and Usage