From d4e690641e21a923c2346db83f2d7df39c479394 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 11 Aug 2023 10:00:33 +0000 Subject: [PATCH] Auto-Update: 2023-08-11T10:00:29.609297+00:00 --- CVE-2023/CVE-2023-395xx/CVE-2023-39553.json | 36 +++++++++++++++++++++ README.md | 19 +++-------- 2 files changed, 41 insertions(+), 14 deletions(-) create mode 100644 CVE-2023/CVE-2023-395xx/CVE-2023-39553.json diff --git a/CVE-2023/CVE-2023-395xx/CVE-2023-39553.json b/CVE-2023/CVE-2023-395xx/CVE-2023-39553.json new file mode 100644 index 00000000000..72382d1a365 --- /dev/null +++ b/CVE-2023/CVE-2023-395xx/CVE-2023-39553.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-39553", + "sourceIdentifier": "security@apache.org", + "published": "2023-08-11T08:15:09.103", + "lastModified": "2023-08-11T08:15:09.103", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.\n\nApache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read files on the Airflow server.\nThis issue affects Apache Airflow Drill Provider: before 2.4.3.\nIt is recommended to upgrade to a version that is not affected.\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/apache/airflow/pull/33074", + "source": "security@apache.org" + }, + { + "url": "https://lists.apache.org/thread/ozpl0opmob49rkcz8svo8wkxyw1395sf", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 38e28fdd9e6..53b6d11ae15 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-11T08:00:29.205143+00:00 +2023-08-11T10:00:29.609297+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-11T07:15:10.070000+00:00 +2023-08-11T08:15:09.103000+00:00 ``` ### Last Data Feed Release @@ -29,23 +29,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -222441 +222442 ``` ### CVEs added in the last Commit -Recently added CVEs: `10` +Recently added CVEs: `1` -* [CVE-2023-3823](CVE-2023/CVE-2023-38xx/CVE-2023-3823.json) (`2023-08-11T06:15:09.283`) -* [CVE-2023-3824](CVE-2023/CVE-2023-38xx/CVE-2023-3824.json) (`2023-08-11T06:15:10.560`) -* [CVE-2023-40253](CVE-2023/CVE-2023-402xx/CVE-2023-40253.json) (`2023-08-11T06:15:10.673`) -* [CVE-2023-40260](CVE-2023/CVE-2023-402xx/CVE-2023-40260.json) (`2023-08-11T06:15:10.787`) -* [CVE-2023-40254](CVE-2023/CVE-2023-402xx/CVE-2023-40254.json) (`2023-08-11T07:15:09.423`) -* [CVE-2023-40267](CVE-2023/CVE-2023-402xx/CVE-2023-40267.json) (`2023-08-11T07:15:09.647`) -* [CVE-2023-4105](CVE-2023/CVE-2023-41xx/CVE-2023-4105.json) (`2023-08-11T07:15:09.740`) -* [CVE-2023-4106](CVE-2023/CVE-2023-41xx/CVE-2023-4106.json) (`2023-08-11T07:15:09.853`) -* [CVE-2023-4107](CVE-2023/CVE-2023-41xx/CVE-2023-4107.json) (`2023-08-11T07:15:09.963`) -* [CVE-2023-4108](CVE-2023/CVE-2023-41xx/CVE-2023-4108.json) (`2023-08-11T07:15:10.070`) +* [CVE-2023-39553](CVE-2023/CVE-2023-395xx/CVE-2023-39553.json) (`2023-08-11T08:15:09.103`) ### CVEs modified in the last Commit