Auto-Update: 2023-05-04T18:00:29.167574+00:00

2025-05-08 19:47:09 +00:00 · 2023-05-04 20:00:31 +02:00 · 2023-05-04 20:00:31 +02:00 · fc4abb6764
commit fc4abb6764
parent 21be97097b
2 changed files with 90 additions and 38 deletions
--- a/CVE-2023/CVE-2023-294xx/CVE-2023-29469.json
+++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29469.json
@ -2,27 +2,106 @@
  "id": "CVE-2023-29469",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-04-24T21:15:09.230",
-  "lastModified": "2023-04-30T14:15:46.727",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-05-04T16:06:52.953",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\\0' value)."
    }
  ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-415"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
+              "versionEndExcluding": "2.10.4",
+              "matchCriteriaId": "2C473D3A-61FB-43E4-B342-9B1CC622F18F"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
+              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/510",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Issue Tracking",
+        "Vendor Advisory"
+      ]
    },
    {
      "url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Release Notes"
+      ]
    },
    {
      "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html",
-      "source": "cve@mitre.org"
+      "source": "cve@mitre.org",
+      "tags": [
+        "Mailing List",
+        "Third Party Advisory"
+      ]
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-05-04T16:00:25.332114+00:00
+2023-05-04T18:00:29.167574+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-05-04T15:55:03.020000+00:00
+2023-05-04T16:06:52.953000+00:00
 ```

 ### Last Data Feed Release
@ -34,42 +34,15 @@ Download and Changelog: [Click](releases/latest)

 ### CVEs added in the last Commit

-Recently added CVEs: `6`
+Recently added CVEs: `0`

-* [CVE-2023-23470](CVE-2023/CVE-2023-234xx/CVE-2023-23470.json) (`2023-05-04T14:15:08.847`)
-* [CVE-2023-24958](CVE-2023/CVE-2023-249xx/CVE-2023-24958.json) (`2023-05-04T14:15:10.173`)
-* [CVE-2023-26010](CVE-2023/CVE-2023-260xx/CVE-2023-26010.json) (`2023-05-04T14:15:10.593`)
-* [CVE-2023-26012](CVE-2023/CVE-2023-260xx/CVE-2023-26012.json) (`2023-05-04T14:15:11.090`)
-* [CVE-2023-29827](CVE-2023/CVE-2023-298xx/CVE-2023-29827.json) (`2023-05-04T14:15:11.363`)
-* [CVE-2023-30619](CVE-2023/CVE-2023-306xx/CVE-2023-30619.json) (`2023-05-04T14:15:11.663`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `22`
+Recently modified CVEs: `1`

-* [CVE-2022-29604](CVE-2022/CVE-2022-296xx/CVE-2022-29604.json) (`2023-05-04T15:38:23.023`)
-* [CVE-2022-29605](CVE-2022/CVE-2022-296xx/CVE-2022-29605.json) (`2023-05-04T15:35:35.327`)
-* [CVE-2023-1624](CVE-2023/CVE-2023-16xx/CVE-2023-1624.json) (`2023-05-04T15:30:50.530`)
-* [CVE-2023-2006](CVE-2023/CVE-2023-20xx/CVE-2023-2006.json) (`2023-05-04T14:42:56.097`)
-* [CVE-2023-2019](CVE-2023/CVE-2023-20xx/CVE-2023-2019.json) (`2023-05-04T14:42:28.350`)
-* [CVE-2023-2250](CVE-2023/CVE-2023-22xx/CVE-2023-2250.json) (`2023-05-04T14:41:52.360`)
-* [CVE-2023-2257](CVE-2023/CVE-2023-22xx/CVE-2023-2257.json) (`2023-05-04T15:55:03.020`)
-* [CVE-2023-2282](CVE-2023/CVE-2023-22xx/CVE-2023-2282.json) (`2023-05-04T15:16:53.583`)
-* [CVE-2023-22914](CVE-2023/CVE-2023-229xx/CVE-2023-22914.json) (`2023-05-04T14:32:03.143`)
-* [CVE-2023-22915](CVE-2023/CVE-2023-229xx/CVE-2023-22915.json) (`2023-05-04T14:44:10.363`)
-* [CVE-2023-23451](CVE-2023/CVE-2023-234xx/CVE-2023-23451.json) (`2023-05-04T15:24:37.877`)
-* [CVE-2023-26061](CVE-2023/CVE-2023-260xx/CVE-2023-26061.json) (`2023-05-04T15:20:01.543`)
-* [CVE-2023-28086](CVE-2023/CVE-2023-280xx/CVE-2023-28086.json) (`2023-05-04T14:56:37.440`)
-* [CVE-2023-28087](CVE-2023/CVE-2023-280xx/CVE-2023-28087.json) (`2023-05-04T14:53:25.137`)
-* [CVE-2023-28088](CVE-2023/CVE-2023-280xx/CVE-2023-28088.json) (`2023-05-04T14:30:04.933`)
-* [CVE-2023-28089](CVE-2023/CVE-2023-280xx/CVE-2023-28089.json) (`2023-05-04T14:27:34.107`)
-* [CVE-2023-28090](CVE-2023/CVE-2023-280xx/CVE-2023-28090.json) (`2023-05-04T14:16:23.857`)
-* [CVE-2023-29019](CVE-2023/CVE-2023-290xx/CVE-2023-29019.json) (`2023-05-04T14:43:34.297`)
-* [CVE-2023-29780](CVE-2023/CVE-2023-297xx/CVE-2023-29780.json) (`2023-05-04T15:54:20.907`)
-* [CVE-2023-30623](CVE-2023/CVE-2023-306xx/CVE-2023-30623.json) (`2023-05-04T15:54:43.193`)
-* [CVE-2023-30626](CVE-2023/CVE-2023-306xx/CVE-2023-30626.json) (`2023-05-04T14:09:25.893`)
-* [CVE-2023-30627](CVE-2023/CVE-2023-306xx/CVE-2023-30627.json) (`2023-05-04T14:02:22.583`)
+* [CVE-2023-29469](CVE-2023/CVE-2023-294xx/CVE-2023-29469.json) (`2023-05-04T16:06:52.953`)


 ## Download and Usage