admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-04T02:00:27.880127+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-04 02:00:31 +00:00
parent f66ebe079f
commit ed9bb680ed
14 changed files with 655 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
CVE-2020/CVE-2020-230xx/CVE-2020-23064.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2020-23064",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T19:15:09.450",
"lastModified": "2023-06-27T13:15:09.227",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-04T01:38:31.623",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.0",
"versionEndExcluding": "3.5.0",
"matchCriteriaId": "8BE6EB8F-B9E9-4B1C-B74E-E577348632E2"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://snyk.io/vuln/SNYK-JS-JQUERY-565129",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2020/CVE-2020-230xx/CVE-2020-23065.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2020-23065",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T19:15:09.517",
"lastModified": "2023-06-26T22:13:28.460",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-04T01:45:34.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibexa:ezpublish_legacy:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2607BF4C-C13E-442B-8C49-61200EEC245F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibexa:ezpublish_platform:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF31C61-8CD8-4018-B516-5138C41307B7"
}
]
}
]
}
],
"references": [
{
"url": "https://ezplatform.com/security-advisories/ezsa-2020-003-xss-in-demobundle-ezdemo-bundled-videojs",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

10
CVE-2022/CVE-2022-346xx/CVE-2022-34671.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-34671",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-12-30T23:15:09.430",
"lastModified": "2023-01-11T20:17:03.370",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-04T00:15:09.273",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds write, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering."
"value": "\nNVIDIA GPU Display Driver for Windows contains a vulnerability in the user-mode layer, where an unprivileged user can cause an out-of-bounds write, which may lead to code execution, information disclosure, and denial of service.\n\n\n\n"
}
],
"metrics": {
@ -267,6 +267,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5468",
"source": "psirt@nvidia.com"
}
]
}

24
CVE-2023/CVE-2023-229xx/CVE-2023-22906.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-22906",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-04T00:15:09.407",
"lastModified": "2023-07-04T00:15:09.407",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Hero Qubo HCD01_02_V1.38_20220125 devices allow TELNET access with root privileges by default, without a password."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/nonamecoder/CVE-2023-22906",
"source": "cve@mitre.org"
},
{
"url": "https://twitter.com/ayyappan162010/status/1610764707753000960",
"source": "cve@mitre.org"
}
]
}

32
CVE-2023/CVE-2023-255xx/CVE-2023-25515.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-25515",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-06-23T18:15:10.887",
"lastModified": "2023-07-03T19:15:31.923",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-04T00:15:09.457",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity. \n\n"
"value": "\n\n\nNVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure.\n\n \n\n"
}
],
"metrics": {
@ -37,20 +37,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 6.0
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
@ -71,7 +71,7 @@
"description": [
{
"lang": "en",
"value": "CWE-923"
"value": "CWE-822"
}
]
}
@ -426,12 +426,8 @@
],
"references": [
{
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466",
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5468",
"source": "psirt@nvidia.com"
}
]
}

55
CVE-2023/CVE-2023-255xx/CVE-2023-25516.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25516",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-07-04T00:15:09.587",
"lastModified": "2023-07-04T00:15:09.587",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"references": [
{
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5468",
"source": "psirt@nvidia.com"
}
]
}

55
CVE-2023/CVE-2023-255xx/CVE-2023-25517.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25517",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-07-04T00:15:09.653",
"lastModified": "2023-07-04T00:15:09.653",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data tampering.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5468",
"source": "psirt@nvidia.com"
}
]
}

74
CVE-2023/CVE-2023-255xx/CVE-2023-25518.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25518",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-06-23T18:15:10.970",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-04T01:52:44.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@nvidia.com",
"type": "Secondary",
@ -46,10 +76,48 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"versionEndExcluding": "32.7.4",
"matchCriteriaId": "4F98866A-11A7-4529-B67F-106637A95767"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0"
}
]
}
]
}
],
"references": [
{
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466",
"source": "psirt@nvidia.com"
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-255xx/CVE-2023-25521.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25521",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-07-04T00:15:09.727",
"lastModified": "2023-07-04T00:15:09.727",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\nNVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause execution with unnecessary privileges by leveraging a weakness whereby proper input parameter validation is not performed. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering.\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-250"
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5461",
"source": "psirt@nvidia.com"
}
]
}

55
CVE-2023/CVE-2023-255xx/CVE-2023-25522.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25522",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-07-04T00:15:09.797",
"lastModified": "2023-07-04T00:15:09.797",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\nNVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an unexpected format. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering.\n\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5461",
"source": "psirt@nvidia.com"
}
]
}

55
CVE-2023/CVE-2023-255xx/CVE-2023-25523.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25523",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-07-04T00:15:09.857",
"lastModified": "2023-07-04T00:15:09.857",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\nNVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5469",
"source": "psirt@nvidia.com"
}
]
}

59
CVE-2023/CVE-2023-309xx/CVE-2023-30990.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-30990",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-04T00:15:09.927",
"lastModified": "2023-07-04T00:15:09.927",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM i 7.2, 7.3, 7.4, and 7.5 could allow a remote attacker to execute CL commands as QUSER, caused by an exploitation of DDM architecture. IBM X-Force ID: 254036."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254036",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7008573",
"source": "psirt@us.ibm.com"
}
]
}

63
CVE-2023/CVE-2023-359xx/CVE-2023-35931.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35931",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T20:15:09.357",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-04T01:55:42.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +66,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shescape_project:shescape:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "1.7.1",
"matchCriteriaId": "FD2B2F90-B50D-4B40-8397-FA1731E34DB8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ericcornelissen/shescape/commit/d0fce70f987ac0d8331f93cb45d47e79436173ac",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/ericcornelissen/shescape/pull/982",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/ericcornelissen/shescape/releases/tag/v1.7.1",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/ericcornelissen/shescape/security/advisories/GHSA-3g7p-8qhx-mc8r",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

65
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-03T22:00:26.306309+00:00
2023-07-04T02:00:27.880127+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-03T21:15:10.107000+00:00
2023-07-04T01:55:42.670000+00:00
```
### Last Data Feed Release
@ -23,65 +23,38 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-07-03T00:00:13.528320+00:00
2023-07-04T00:00:13.544234+00:00
```
### Total Number of included CVEs
```plain
219087
219094
```
### CVEs added in the last Commit
Recently added CVEs: `20`
Recently added CVEs: `7`
* [CVE-2020-22151](CVE-2020/CVE-2020-221xx/CVE-2020-22151.json) (`2023-07-03T21:15:09.240`)
* [CVE-2020-22152](CVE-2020/CVE-2020-221xx/CVE-2020-22152.json) (`2023-07-03T21:15:09.293`)
* [CVE-2020-22153](CVE-2020/CVE-2020-221xx/CVE-2020-22153.json) (`2023-07-03T21:15:09.340`)
* [CVE-2020-22597](CVE-2020/CVE-2020-225xx/CVE-2020-22597.json) (`2023-07-03T21:15:09.383`)
* [CVE-2023-36608](CVE-2023/CVE-2023-366xx/CVE-2023-36608.json) (`2023-07-03T20:15:09.450`)
* [CVE-2023-36609](CVE-2023/CVE-2023-366xx/CVE-2023-36609.json) (`2023-07-03T20:15:09.537`)
* [CVE-2023-37378](CVE-2023/CVE-2023-373xx/CVE-2023-37378.json) (`2023-07-03T20:15:09.620`)
* [CVE-2023-2727](CVE-2023/CVE-2023-27xx/CVE-2023-2727.json) (`2023-07-03T21:15:09.480`)
* [CVE-2023-2728](CVE-2023/CVE-2023-27xx/CVE-2023-2728.json) (`2023-07-03T21:15:09.557`)
* [CVE-2023-36162](CVE-2023/CVE-2023-361xx/CVE-2023-36162.json) (`2023-07-03T21:15:09.620`)
* [CVE-2023-36183](CVE-2023/CVE-2023-361xx/CVE-2023-36183.json) (`2023-07-03T21:15:09.663`)
* [CVE-2023-36222](CVE-2023/CVE-2023-362xx/CVE-2023-36222.json) (`2023-07-03T21:15:09.707`)
* [CVE-2023-36223](CVE-2023/CVE-2023-362xx/CVE-2023-36223.json) (`2023-07-03T21:15:09.750`)
* [CVE-2023-36258](CVE-2023/CVE-2023-362xx/CVE-2023-36258.json) (`2023-07-03T21:15:09.797`)
* [CVE-2023-36262](CVE-2023/CVE-2023-362xx/CVE-2023-36262.json) (`2023-07-03T21:15:09.837`)
* [CVE-2023-36291](CVE-2023/CVE-2023-362xx/CVE-2023-36291.json) (`2023-07-03T21:15:09.883`)
* [CVE-2023-36377](CVE-2023/CVE-2023-363xx/CVE-2023-36377.json) (`2023-07-03T21:15:09.923`)
* [CVE-2023-36610](CVE-2023/CVE-2023-366xx/CVE-2023-36610.json) (`2023-07-03T21:15:09.967`)
* [CVE-2023-36611](CVE-2023/CVE-2023-366xx/CVE-2023-36611.json) (`2023-07-03T21:15:10.037`)
* [CVE-2023-3395](CVE-2023/CVE-2023-33xx/CVE-2023-3395.json) (`2023-07-03T21:15:10.107`)
* [CVE-2023-22906](CVE-2023/CVE-2023-229xx/CVE-2023-22906.json) (`2023-07-04T00:15:09.407`)
* [CVE-2023-25516](CVE-2023/CVE-2023-255xx/CVE-2023-25516.json) (`2023-07-04T00:15:09.587`)
* [CVE-2023-25517](CVE-2023/CVE-2023-255xx/CVE-2023-25517.json) (`2023-07-04T00:15:09.653`)
* [CVE-2023-25521](CVE-2023/CVE-2023-255xx/CVE-2023-25521.json) (`2023-07-04T00:15:09.727`)
* [CVE-2023-25522](CVE-2023/CVE-2023-255xx/CVE-2023-25522.json) (`2023-07-04T00:15:09.797`)
* [CVE-2023-25523](CVE-2023/CVE-2023-255xx/CVE-2023-25523.json) (`2023-07-04T00:15:09.857`)
* [CVE-2023-30990](CVE-2023/CVE-2023-309xx/CVE-2023-30990.json) (`2023-07-04T00:15:09.927`)
### CVEs modified in the last Commit
Recently modified CVEs: `20`
Recently modified CVEs: `6`
* [CVE-2022-24719](CVE-2022/CVE-2022-247xx/CVE-2022-24719.json) (`2023-07-03T20:33:34.237`)
* [CVE-2022-23730](CVE-2022/CVE-2022-237xx/CVE-2022-23730.json) (`2023-07-03T20:33:45.863`)
* [CVE-2022-23727](CVE-2022/CVE-2022-237xx/CVE-2022-23727.json) (`2023-07-03T20:34:03.637`)
* [CVE-2022-23719](CVE-2022/CVE-2022-237xx/CVE-2022-23719.json) (`2023-07-03T20:34:16.163`)
* [CVE-2022-23714](CVE-2022/CVE-2022-237xx/CVE-2022-23714.json) (`2023-07-03T20:34:29.593`)
* [CVE-2022-23708](CVE-2022/CVE-2022-237xx/CVE-2022-23708.json) (`2023-07-03T20:34:44.583`)
* [CVE-2022-21817](CVE-2022/CVE-2022-218xx/CVE-2022-21817.json) (`2023-07-03T20:34:54.417`)
* [CVE-2022-21816](CVE-2022/CVE-2022-218xx/CVE-2022-21816.json) (`2023-07-03T20:35:17.977`)
* [CVE-2022-24762](CVE-2022/CVE-2022-247xx/CVE-2022-24762.json) (`2023-07-03T20:35:28.853`)
* [CVE-2022-24754](CVE-2022/CVE-2022-247xx/CVE-2022-24754.json) (`2023-07-03T20:35:39.967`)
* [CVE-2022-24723](CVE-2022/CVE-2022-247xx/CVE-2022-24723.json) (`2023-07-03T20:35:47.993`)
* [CVE-2022-24720](CVE-2022/CVE-2022-247xx/CVE-2022-24720.json) (`2023-07-03T20:35:53.343`)
* [CVE-2022-4115](CVE-2022/CVE-2022-41xx/CVE-2022-4115.json) (`2023-07-03T20:37:29.117`)
* [CVE-2023-2580](CVE-2023/CVE-2023-25xx/CVE-2023-2580.json) (`2023-07-03T20:05:34.090`)
* [CVE-2023-2482](CVE-2023/CVE-2023-24xx/CVE-2023-2482.json) (`2023-07-03T20:07:45.610`)
* [CVE-2023-2326](CVE-2023/CVE-2023-23xx/CVE-2023-2326.json) (`2023-07-03T20:23:43.963`)
* [CVE-2023-0588](CVE-2023/CVE-2023-05xx/CVE-2023-0588.json) (`2023-07-03T20:28:13.577`)
* [CVE-2023-36819](CVE-2023/CVE-2023-368xx/CVE-2023-36819.json) (`2023-07-03T20:31:37.327`)
* [CVE-2023-35925](CVE-2023/CVE-2023-359xx/CVE-2023-35925.json) (`2023-07-03T20:46:49.440`)
* [CVE-2023-26273](CVE-2023/CVE-2023-262xx/CVE-2023-26273.json) (`2023-07-03T20:48:51.157`)
* [CVE-2020-23064](CVE-2020/CVE-2020-230xx/CVE-2020-23064.json) (`2023-07-04T01:38:31.623`)
* [CVE-2020-23065](CVE-2020/CVE-2020-230xx/CVE-2020-23065.json) (`2023-07-04T01:45:34.067`)
* [CVE-2022-34671](CVE-2022/CVE-2022-346xx/CVE-2022-34671.json) (`2023-07-04T00:15:09.273`)
* [CVE-2023-25515](CVE-2023/CVE-2023-255xx/CVE-2023-25515.json) (`2023-07-04T00:15:09.457`)
* [CVE-2023-25518](CVE-2023/CVE-2023-255xx/CVE-2023-25518.json) (`2023-07-04T01:52:44.287`)
* [CVE-2023-35931](CVE-2023/CVE-2023-359xx/CVE-2023-35931.json) (`2023-07-04T01:55:42.670`)
## Download and Usage