admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-04-06T18:00:30.764170+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-04-06 18:03:23 +00:00
parent 552ddff155
commit 0caf3a613f
5 changed files with 85 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
CVE-2024/CVE-2024-04xx/CVE-2024-0406.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-0406",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-04-06T17:15:07.127",
"lastModified": "2024-04-06T17:15:07.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or application's privileges using the library."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0406",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257749",
"source": "secalert@redhat.com"
}
]
}

8
CVE-2024/CVE-2024-32xx/CVE-2024-3203.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-3203",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-02T22:15:10.320",
"lastModified": "2024-04-03T12:38:04.840",
"lastModified": "2024-04-06T16:15:08.350",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in c-blosc2 up to 2.13.2. Affected is the function ndlz8_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-259050 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
"value": "A vulnerability, which was classified as critical, was found in c-blosc2 up to 2.13.2. Affected is the function ndlz8_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.14.3 is able to address this issue. It is recommended to upgrade the affected component. VDB-259050 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
@ -80,6 +80,10 @@
"url": "https://drive.google.com/drive/folders/1T1k3UeS09m65LjVXExUuZfedNQPWQWCo?usp=sharing",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/Blosc/c-blosc2/releases/tag/v2.14.3",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.259050",
"source": "cna@vuldb.com"

8
CVE-2024/CVE-2024-32xx/CVE-2024-3204.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2024-3204",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-02T22:15:11.040",
"lastModified": "2024-04-03T12:38:04.840",
"lastModified": "2024-04-06T16:15:08.530",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in c-blosc2 up to 2.13.2 and classified as critical. Affected by this vulnerability is the function ndlz4_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz4x4.c. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259051. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
"value": "A vulnerability has been found in c-blosc2 up to 2.13.2 and classified as critical. Affected by this vulnerability is the function ndlz4_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz4x4.c. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.14.3 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-259051."
},
{
"lang": "es",
@ -80,6 +80,10 @@
"url": "https://drive.google.com/drive/folders/1T1k3UeS09m65LjVXExUuZfedNQPWQWCo?usp=sharing",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/Blosc/c-blosc2/releases/tag/v2.14.3",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.259051",
"source": "cna@vuldb.com"

16
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-04-06T16:00:38.481265+00:00
2024-04-06T18:00:30.764170+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-04-06T15:15:26.983000+00:00
2024-04-06T17:15:07.127000+00:00
```
### Last Data Feed Release
@ -33,22 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
244292
244293
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `1`
- [CVE-2024-3156](CVE-2024/CVE-2024-31xx/CVE-2024-3156.json) (`2024-04-06T15:15:26.887`)
- [CVE-2024-3158](CVE-2024/CVE-2024-31xx/CVE-2024-3158.json) (`2024-04-06T15:15:26.940`)
- [CVE-2024-3159](CVE-2024/CVE-2024-31xx/CVE-2024-3159.json) (`2024-04-06T15:15:26.983`)
- [CVE-2024-0406](CVE-2024/CVE-2024-04xx/CVE-2024-0406.json) (`2024-04-06T17:15:07.127`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `2`
- [CVE-2024-3203](CVE-2024/CVE-2024-32xx/CVE-2024-3203.json) (`2024-04-06T16:15:08.350`)
- [CVE-2024-3204](CVE-2024/CVE-2024-32xx/CVE-2024-3204.json) (`2024-04-06T16:15:08.530`)
## Download and Usage

11
_state.csv
View File

@ -238299,6 +238299,7 @@ CVE-2024-0400,0,0,18035b4484267a537c15645ebee53285fc55ae5559f980b5f9795ec2795f24
CVE-2024-0402,0,0,2fe1b596353be20e61cfde75d3fd6588203ea2d19b7c21e2ce1c5a9ecc57cc90,2024-01-31T18:34:47.867000
CVE-2024-0403,0,0,ba0983060e2034b216b25cd26ed2bb024a7850bc1fcd95abc9a090d5040f7805,2024-03-01T14:04:26.010000
CVE-2024-0405,0,0,efdadcc35fc4ed87224ff4e930a96f9ee86e8b4ccb1a79f084616e91b90070e3,2024-01-24T17:23:09.773000
CVE-2024-0406,1,1,0d732ed0dcd4fee7d1608f00be852db4804bc0faa2e05ae9887b791a398602f2,2024-04-06T17:15:07.127000
CVE-2024-0407,0,0,f3bc2895be8ea5b6951b82e45fc670b2af282e8da3ab8846004c7a5f8a8e92ad,2024-02-22T19:07:37.840000
CVE-2024-0408,0,0,4e3e81f52cf3d5178a7182e7de9f0301b287ec329828c0391a69e3034670a699,2024-03-07T17:15:12.400000
CVE-2024-0409,0,0,34ebe0729ae458ad3578e4d18065a813c37b10bf9cf2255ae436410c7013521e,2024-03-07T17:15:12.540000
@ -244207,9 +244208,9 @@ CVE-2024-3147,0,0,02625b405a9656dc1928c253c58a24946e5b9cb50ef47acb30b3a3a470e8ef
CVE-2024-3148,0,0,da83dea91bd5fed523ca15df13db4100d62650319dcc492fed6d52171a819a8a,2024-04-02T12:50:42.233000
CVE-2024-31498,0,0,dbdfff68d351d6d87cb24a5ceff71e8a2890b85f17286eb00296e97541f537ef,2024-04-05T12:40:52.763000
CVE-2024-3151,0,0,dbc1fd34b22356e776c12a200bc45c40de5eea60ac1974d151d7c1d279b32bb4,2024-04-02T18:12:16.283000
CVE-2024-3156,1,1,9f9c048e423657d4c6cfeb6ec1587c184e07eae34e37ae9d2654478d26f6d515,2024-04-06T15:15:26.887000
CVE-2024-3158,1,1,f21141846c511bc19673d465070eba399dea5854b2f58b8afa25edeec16e16bc,2024-04-06T15:15:26.940000
CVE-2024-3159,1,1,73388f40de2e36adb3d0a13ff7c5e693322fbe4ad00be8b85864b2fbb1720003,2024-04-06T15:15:26.983000
CVE-2024-3156,0,0,9f9c048e423657d4c6cfeb6ec1587c184e07eae34e37ae9d2654478d26f6d515,2024-04-06T15:15:26.887000
CVE-2024-3158,0,0,f21141846c511bc19673d465070eba399dea5854b2f58b8afa25edeec16e16bc,2024-04-06T15:15:26.940000
CVE-2024-3159,0,0,73388f40de2e36adb3d0a13ff7c5e693322fbe4ad00be8b85864b2fbb1720003,2024-04-06T15:15:26.983000
CVE-2024-3160,0,0,f3860e2f9070e5e070adb0fe8ff153c3f84611a0ac253de8db1847a3b6990614,2024-04-02T12:50:42.233000
CVE-2024-3162,0,0,7209bf9b1b4a4f41543ae01bfd19e9aec1dd355164cd1434a8cb5548ea161c65,2024-04-03T12:38:04.840000
CVE-2024-3164,0,0,3f14d5740dc99012cea5d98ccad2d9781e84892caf086f43791d3f9483c41c33,2024-04-02T12:50:42.233000
@ -244224,8 +244225,8 @@ CVE-2024-31850,0,0,4982070fceb832e31d5e30fb03a84954ccaa75a897ce5879a6b4f81a150e3
CVE-2024-31851,0,0,ab4658af068ad1058f367d60d6c046977f3ab3864a10d3fc49f99432a80d6938,2024-04-05T18:15:09.953000
CVE-2024-31852,0,0,0ee0023d5b34c1dac5fa2039f744500c40b254d8784a31e411708a273dd8e7b9,2024-04-05T15:15:08.270000
CVE-2024-3202,0,0,c740eb561a7c1440cb5a8dd5eb2f94f0cce226529c05056c2f841e5a9fe9ca73,2024-04-03T12:38:04.840000
CVE-2024-3203,0,0,697bde31fba6d3c5a0e2d11da403a2e3b16828faac086b66cd78b0527d17b9c5,2024-04-03T12:38:04.840000
CVE-2024-3204,0,0,a9dea1ca01b499632a34af3ee57c461ecd8a21787537da790c2ae8f833a61142,2024-04-03T12:38:04.840000
CVE-2024-3203,0,1,50d63f401f7659abc3d4fe6662d0f1a519a0e385e123db03b5f1830a5a75ec57,2024-04-06T16:15:08.350000
CVE-2024-3204,0,1,f0ecaa4cd894fa75e44a48d7dd9614c107f33ee3ea503e315d2394814a086ab4,2024-04-06T16:15:08.530000
CVE-2024-3205,0,0,b2f3ceb1bf38a09a954460b526a18eba5a5a22a0c7181b9f1de158755c6153d4,2024-04-03T12:38:04.840000
CVE-2024-3207,0,0,5c9ae7819818cf69391317769652edafe7eb5058db1623e7c6299d6d13471791,2024-04-03T12:38:04.840000
CVE-2024-3209,0,0,cbfab2641f7deaa26fa0bc09801c52aa5b55dcac193d132dc1556c423a22c65d,2024-04-06T03:15:07.983000

Can't render this file because it is too large.