diff --git a/CVE-2022/CVE-2022-417xx/CVE-2022-41717.json b/CVE-2022/CVE-2022-417xx/CVE-2022-41717.json index 52adb585bde..69655838320 100644 --- a/CVE-2022/CVE-2022-417xx/CVE-2022-41717.json +++ b/CVE-2022/CVE-2022-417xx/CVE-2022-41717.json @@ -2,12 +2,16 @@ "id": "CVE-2022-41717", "sourceIdentifier": "security@golang.org", "published": "2022-12-08T20:15:10.330", - "lastModified": "2023-09-15T21:15:08.820", + "lastModified": "2023-11-20T03:15:43.933", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection." + }, + { + "lang": "es", + "value": "Un atacante puede provocar un crecimiento excesivo de la memoria en un servidor Go que acepta solicitudes HTTP/2. Las conexiones del servidor HTTP/2 contienen un cach\u00e9 de claves de encabezado HTTP enviadas por el cliente. Si bien el n\u00famero total de entradas en esta cach\u00e9 est\u00e1 limitado, un atacante que env\u00eda claves muy grandes puede hacer que el servidor asigne aproximadamente 64 MiB por conexi\u00f3n abierta." } ], "metrics": { @@ -131,6 +135,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/", + "source": "security@golang.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/", "source": "security@golang.org" @@ -172,6 +180,14 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/", + "source": "security@golang.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/", + "source": "security@golang.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/", "source": "security@golang.org" diff --git a/CVE-2022/CVE-2022-417xx/CVE-2022-41723.json b/CVE-2022/CVE-2022-417xx/CVE-2022-41723.json index f1a18e84901..81cd379ffb2 100644 --- a/CVE-2022/CVE-2022-417xx/CVE-2022-41723.json +++ b/CVE-2022/CVE-2022-417xx/CVE-2022-41723.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41723", "sourceIdentifier": "security@golang.org", "published": "2023-02-28T18:15:09.980", - "lastModified": "2023-11-08T22:15:07.997", + "lastModified": "2023-11-20T03:15:44.077", "vulnStatus": "Modified", "descriptions": [ { @@ -111,6 +111,10 @@ "Vendor Advisory" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/", + "source": "security@golang.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", "source": "security@golang.org", @@ -118,6 +122,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/", + "source": "security@golang.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", "source": "security@golang.org", @@ -132,6 +140,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/", + "source": "security@golang.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", "source": "security@golang.org", diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39325.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39325.json index d27c8b07493..d680cbedfc4 100644 --- a/CVE-2023/CVE-2023-393xx/CVE-2023-39325.json +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39325.json @@ -2,7 +2,7 @@ "id": "CVE-2023-39325", "sourceIdentifier": "security@golang.org", "published": "2023-10-11T22:15:09.880", - "lastModified": "2023-11-18T03:15:08.110", + "lastModified": "2023-11-20T03:15:44.190", "vulnStatus": "Undergoing Analysis", "descriptions": [ { @@ -132,6 +132,10 @@ "Release Notes" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/", + "source": "security@golang.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", "source": "security@golang.org", @@ -139,6 +143,10 @@ "Mailing List" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/", + "source": "security@golang.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/", "source": "security@golang.org" @@ -162,6 +170,18 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/", "source": "security@golang.org" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/", + "source": "security@golang.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/", + "source": "security@golang.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/", + "source": "security@golang.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", "source": "security@golang.org" @@ -170,6 +190,10 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/", "source": "security@golang.org" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/", + "source": "security@golang.org" + }, { "url": "https://pkg.go.dev/vuln/GO-2023-2102", "source": "security@golang.org", diff --git a/README.md b/README.md index fe3b25b77d1..cf51e8394b3 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-11-20T00:55:18.475355+00:00 +2023-11-20T05:00:17.447314+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-11-20T00:15:06.277000+00:00 +2023-11-20T03:15:44.190000+00:00 ``` ### Last Data Feed Release @@ -23,7 +23,7 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2023-11-19T01:00:13.571330+00:00 +2023-11-20T01:00:13.523997+00:00 ``` ### Total Number of included CVEs @@ -40,33 +40,11 @@ Recently added CVEs: `0` ### CVEs modified in the last Commit -Recently modified CVEs: `32` +Recently modified CVEs: `3` -* [CVE-2023-47649](CVE-2023/CVE-2023-476xx/CVE-2023-47649.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-47650](CVE-2023/CVE-2023-476xx/CVE-2023-47650.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-47651](CVE-2023/CVE-2023-476xx/CVE-2023-47651.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-47655](CVE-2023/CVE-2023-476xx/CVE-2023-47655.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-25985](CVE-2023/CVE-2023-259xx/CVE-2023-25985.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-28780](CVE-2023/CVE-2023-287xx/CVE-2023-28780.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-31075](CVE-2023/CVE-2023-310xx/CVE-2023-31075.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-31089](CVE-2023/CVE-2023-310xx/CVE-2023-31089.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-32245](CVE-2023/CVE-2023-322xx/CVE-2023-32245.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-32504](CVE-2023/CVE-2023-325xx/CVE-2023-32504.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-32514](CVE-2023/CVE-2023-325xx/CVE-2023-32514.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-41129](CVE-2023/CVE-2023-411xx/CVE-2023-41129.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-5341](CVE-2023/CVE-2023-53xx/CVE-2023-5341.json) (`2023-11-20T00:02:51.467`) -* [CVE-2023-38361](CVE-2023/CVE-2023-383xx/CVE-2023-38361.json) (`2023-11-20T00:02:59.753`) -* [CVE-2023-40363](CVE-2023/CVE-2023-403xx/CVE-2023-40363.json) (`2023-11-20T00:02:59.753`) -* [CVE-2023-48736](CVE-2023/CVE-2023-487xx/CVE-2023-48736.json) (`2023-11-20T00:02:59.753`) -* [CVE-2023-47664](CVE-2023/CVE-2023-476xx/CVE-2023-47664.json) (`2023-11-20T00:02:59.753`) -* [CVE-2023-47666](CVE-2023/CVE-2023-476xx/CVE-2023-47666.json) (`2023-11-20T00:02:59.753`) -* [CVE-2023-47667](CVE-2023/CVE-2023-476xx/CVE-2023-47667.json) (`2023-11-20T00:02:59.753`) -* [CVE-2023-47670](CVE-2023/CVE-2023-476xx/CVE-2023-47670.json) (`2023-11-20T00:02:59.753`) -* [CVE-2023-47671](CVE-2023/CVE-2023-476xx/CVE-2023-47671.json) (`2023-11-20T00:02:59.753`) -* [CVE-2023-47672](CVE-2023/CVE-2023-476xx/CVE-2023-47672.json) (`2023-11-20T00:02:59.753`) -* [CVE-2023-47685](CVE-2023/CVE-2023-476xx/CVE-2023-47685.json) (`2023-11-20T00:02:59.753`) -* [CVE-2023-47243](CVE-2023/CVE-2023-472xx/CVE-2023-47243.json) (`2023-11-20T00:02:59.753`) -* [CVE-2023-31102](CVE-2023/CVE-2023-311xx/CVE-2023-31102.json) (`2023-11-20T00:15:06.277`) +* [CVE-2022-41717](CVE-2022/CVE-2022-417xx/CVE-2022-41717.json) (`2023-11-20T03:15:43.933`) +* [CVE-2022-41723](CVE-2022/CVE-2022-417xx/CVE-2022-41723.json) (`2023-11-20T03:15:44.077`) +* [CVE-2023-39325](CVE-2023/CVE-2023-393xx/CVE-2023-39325.json) (`2023-11-20T03:15:44.190`) ## Download and Usage