Auto-Update: 2023-07-14T10:00:31.124238+00:00

CVE-2023/CVE-2023-341xx/CVE-2023-34150.json

@@ -2,12 +2,12 @@
   "id": "CVE-2023-34150",
   "sourceIdentifier": "security@apache.org",
   "published": "2023-07-05T08:15:09.143",
-  "lastModified": "2023-07-12T13:47:47.377",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2023-07-14T09:15:09.203",
+  "vulnStatus": "Modified",
   "descriptions": [
     {
       "lang": "en",
-      "value": "** UNSUPPORTED WHEN ASSIGNED **\u00a0Use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage."
+      "value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED **\u00a0Use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage."
     }
   ],
   "metrics": {
@@ -56,22 +56,22 @@
   },
   "weaknesses": [
     {
-      "source": "nvd@nist.gov",
+      "source": "security@apache.org",
       "type": "Primary",
       "description": [
         {
           "lang": "en",
-          "value": "NVD-CWE-noinfo"
+          "value": "CWE-20"
         }
       ]
     },
     {
-      "source": "security@apache.org",
+      "source": "nvd@nist.gov",
       "type": "Secondary",
       "description": [
         {
           "lang": "en",
-          "value": "CWE-20"
+          "value": "NVD-CWE-noinfo"
         }
       ]
     }

CVE-2023/CVE-2023-36xx/CVE-2023-3648.json

@@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-3648",
+  "sourceIdentifier": "cve@gitlab.com",
+  "published": "2023-07-14T07:15:08.387",
+  "lastModified": "2023-07-14T07:15:08.387",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@gitlab.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@gitlab.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-762"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://gitlab.com/wireshark/wireshark/-/issues/19105",
+      "source": "cve@gitlab.com"
+    },
+    {
+      "url": "https://www.wireshark.org/security/wnpa-sec-2023-21.html",
+      "source": "cve@gitlab.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-36xx/CVE-2023-3649.json

@@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-3649",
+  "sourceIdentifier": "cve@gitlab.com",
+  "published": "2023-07-14T07:15:08.593",
+  "lastModified": "2023-07-14T07:15:08.593",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@gitlab.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@gitlab.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-126"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://gitlab.com/wireshark/wireshark/-/issues/19164",
+      "source": "cve@gitlab.com"
+    },
+    {
+      "url": "https://www.wireshark.org/security/wnpa-sec-2023-22.html",
+      "source": "cve@gitlab.com"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-07-14T06:00:29.143983+00:00
+2023-07-14T10:00:31.124238+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-07-14T05:15:09.763000+00:00
+2023-07-14T09:15:09.203000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,23 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-220296
+220298
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `4`
+Recently added CVEs: `2`
 
-* [CVE-2023-2082](CVE-2023/CVE-2023-20xx/CVE-2023-2082.json) (`2023-07-14T05:15:09.397`)
-* [CVE-2023-38286](CVE-2023/CVE-2023-382xx/CVE-2023-38286.json) (`2023-07-14T05:15:09.627`)
-* [CVE-2023-3513](CVE-2023/CVE-2023-35xx/CVE-2023-3513.json) (`2023-07-14T05:15:09.683`)
-* [CVE-2023-3514](CVE-2023/CVE-2023-35xx/CVE-2023-3514.json) (`2023-07-14T05:15:09.763`)
+* [CVE-2023-3648](CVE-2023/CVE-2023-36xx/CVE-2023-3648.json) (`2023-07-14T07:15:08.387`)
+* [CVE-2023-3649](CVE-2023/CVE-2023-36xx/CVE-2023-3649.json) (`2023-07-14T07:15:08.593`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `1`
 
+* [CVE-2023-34150](CVE-2023/CVE-2023-341xx/CVE-2023-34150.json) (`2023-07-14T09:15:09.203`)
 
 
 ## Download and Usage