admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-24T06:00:29.169651+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-24 06:00:32 +00:00
parent c3426869d6
commit d9588658a3
5 changed files with 418 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
CVE-2023/CVE-2023-43xx/CVE-2023-4357.json
View File

@ -2,31 +2,123 @@
"id": "CVE-2023-4357",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-15T18:15:12.247",
"lastModified": "2023-08-20T03:15:18.023",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-08-24T05:01:10.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "116.0.5845.96",
"matchCriteriaId": "40820217-BB18-474A-8520-109C1635D656"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1458911",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5479",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

106
CVE-2023/CVE-2023-43xx/CVE-2023-4358.json
View File

@ -2,31 +2,123 @@
"id": "CVE-2023-4358",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-15T18:15:12.397",
"lastModified": "2023-08-20T03:15:18.197",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-08-24T04:51:54.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "116.0.5845.96",
"matchCriteriaId": "40820217-BB18-474A-8520-109C1635D656"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1466415",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5479",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

119
CVE-2023/CVE-2023-43xx/CVE-2023-4359.json
View File

@ -2,31 +2,136 @@
"id": "CVE-2023-4359",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-15T18:15:12.637",
"lastModified": "2023-08-20T03:15:18.473",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-08-24T04:51:26.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "116.0.5845.96",
"matchCriteriaId": "40820217-BB18-474A-8520-109C1635D656"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5415705-33E5-46D5-8E4D-9EBADC8C5705"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Third Party Advisory"
]
},
{
"url": "https://crbug.com/1443722",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5479",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

107
CVE-2023/CVE-2023-43xx/CVE-2023-4360.json
View File

@ -2,31 +2,124 @@
"id": "CVE-2023-4360",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-15T18:15:12.863",
"lastModified": "2023-08-20T03:15:18.630",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-08-24T04:51:09.303",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "116.0.5845.96",
"matchCriteriaId": "40820217-BB18-474A-8520-109C1635D656"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1462723",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5479",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

40
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-24T04:00:37.333167+00:00
2023-08-24T06:00:29.169651+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-24T03:15:08.287000+00:00
2023-08-24T05:01:10.127000+00:00
```
### Last Data Feed Release
@ -34,42 +34,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `0`
* [CVE-2023-32559](CVE-2023/CVE-2023-325xx/CVE-2023-32559.json) (`2023-08-24T02:15:09.210`)
* [CVE-2023-40572](CVE-2023/CVE-2023-405xx/CVE-2023-40572.json) (`2023-08-24T02:15:09.643`)
* [CVE-2023-40573](CVE-2023/CVE-2023-405xx/CVE-2023-40573.json) (`2023-08-24T02:15:09.973`)
### CVEs modified in the last Commit
Recently modified CVEs: `30`
Recently modified CVEs: `4`
* [CVE-2023-20200](CVE-2023/CVE-2023-202xx/CVE-2023-20200.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-20230](CVE-2023/CVE-2023-202xx/CVE-2023-20230.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-20234](CVE-2023/CVE-2023-202xx/CVE-2023-20234.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-40612](CVE-2023/CVE-2023-406xx/CVE-2023-40612.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-40025](CVE-2023/CVE-2023-400xx/CVE-2023-40025.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-40176](CVE-2023/CVE-2023-401xx/CVE-2023-40176.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-40035](CVE-2023/CVE-2023-400xx/CVE-2023-40035.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-40177](CVE-2023/CVE-2023-401xx/CVE-2023-40177.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-40178](CVE-2023/CVE-2023-401xx/CVE-2023-40178.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-40185](CVE-2023/CVE-2023-401xx/CVE-2023-40185.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-32202](CVE-2023/CVE-2023-322xx/CVE-2023-32202.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-36317](CVE-2023/CVE-2023-363xx/CVE-2023-36317.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-38422](CVE-2023/CVE-2023-384xx/CVE-2023-38422.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-3453](CVE-2023/CVE-2023-34xx/CVE-2023-3453.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-41028](CVE-2023/CVE-2023-410xx/CVE-2023-41028.json) (`2023-08-24T02:02:17.167`)
* [CVE-2023-38831](CVE-2023/CVE-2023-388xx/CVE-2023-38831.json) (`2023-08-24T02:02:23.930`)
* [CVE-2023-20115](CVE-2023/CVE-2023-201xx/CVE-2023-20115.json) (`2023-08-24T02:02:23.930`)
* [CVE-2023-20168](CVE-2023/CVE-2023-201xx/CVE-2023-20168.json) (`2023-08-24T02:02:23.930`)
* [CVE-2023-20169](CVE-2023/CVE-2023-201xx/CVE-2023-20169.json) (`2023-08-24T02:02:23.930`)
* [CVE-2023-40360](CVE-2023/CVE-2023-403xx/CVE-2023-40360.json) (`2023-08-24T02:19:25.093`)
* [CVE-2023-2157](CVE-2023/CVE-2023-21xx/CVE-2023-2157.json) (`2023-08-24T03:15:07.590`)
* [CVE-2023-34474](CVE-2023/CVE-2023-344xx/CVE-2023-34474.json) (`2023-08-24T03:15:08.007`)
* [CVE-2023-34475](CVE-2023/CVE-2023-344xx/CVE-2023-34475.json) (`2023-08-24T03:15:08.107`)
* [CVE-2023-39976](CVE-2023/CVE-2023-399xx/CVE-2023-39976.json) (`2023-08-24T03:15:08.193`)
* [CVE-2023-3195](CVE-2023/CVE-2023-31xx/CVE-2023-3195.json) (`2023-08-24T03:15:08.287`)
* [CVE-2023-4360](CVE-2023/CVE-2023-43xx/CVE-2023-4360.json) (`2023-08-24T04:51:09.303`)
* [CVE-2023-4359](CVE-2023/CVE-2023-43xx/CVE-2023-4359.json) (`2023-08-24T04:51:26.233`)
* [CVE-2023-4358](CVE-2023/CVE-2023-43xx/CVE-2023-4358.json) (`2023-08-24T04:51:54.440`)
* [CVE-2023-4357](CVE-2023/CVE-2023-43xx/CVE-2023-4357.json) (`2023-08-24T05:01:10.127`)
## Download and Usage