Auto-Update: 2025-04-21T02:00:19.177917+00:00

cad-safe-bot 2025-04-21 02:03:50 +00:00
parent 95448a45b3
commit 0fccf897ef
12 changed files with 542 additions and 9 deletions


@ -0,0 +1,64 @@
{
"id": "CVE-2025-43961",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-21T00:15:32.873",
"lastModified": "2025-04-21T00:15:32.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 2.9,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.4,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://github.com/LibRaw/LibRaw/commit/66fe663e02a4dd610b4e832f5d9af326709336c2",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/LibRaw/LibRaw/compare/0.21.3...0.21.4",
"source": "cve@mitre.org"
},
{
"url": "https://www.libraw.org/news/libraw-0-21-4-release",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2025-43962",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-21T00:15:33.027",
"lastModified": "2025-04-21T00:15:33.027",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 2.9,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.4,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://github.com/LibRaw/LibRaw/commit/66fe663e02a4dd610b4e832f5d9af326709336c2",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/LibRaw/LibRaw/compare/0.21.3...0.21.4",
"source": "cve@mitre.org"
},
{
"url": "https://www.libraw.org/news/libraw-0-21-4-release",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2025-43963",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-21T00:15:33.173",
"lastModified": "2025-04-21T00:15:33.173",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 2.9,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.4,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://github.com/LibRaw/LibRaw/commit/be26e7639ecf8beb55f124ce780e99842de2e964",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/LibRaw/LibRaw/compare/0.21.3...0.21.4",
"source": "cve@mitre.org"
},
{
"url": "https://www.libraw.org/news/libraw-0-21-4-release",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2025-43964",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-21T00:15:33.310",
"lastModified": "2025-04-21T00:15:33.310",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 2.9,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.4,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"references": [
{
"url": "https://github.com/LibRaw/LibRaw/commit/a50dc3f1127d2e37a9b39f57ad9bb2ebb60f18c0",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/LibRaw/LibRaw/compare/0.21.3...0.21.4",
"source": "cve@mitre.org"
},
{
"url": "https://www.libraw.org/news/libraw-0-21-4-release",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,60 @@
{
"id": "CVE-2025-43966",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-21T00:15:33.457",
"lastModified": "2025-04-21T00:15:33.457",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 2.9,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.4,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://github.com/strukturag/libheif/commit/b38555387e4b5dcf036fe45b0c440aca19b7b69c",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/strukturag/libheif/compare/v1.19.5...v1.19.6",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,64 @@
{
"id": "CVE-2025-43967",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-21T00:15:33.607",
"lastModified": "2025-04-21T00:15:33.607",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 2.9,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.4,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://github.com/strukturag/libheif/commit/6e35af7b0ff9fb6cc952a1539590d160db32f671",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/strukturag/libheif/compare/v1.19.5...v1.19.6",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/strukturag/libheif/issues/1455",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,60 @@
{
"id": "CVE-2025-43970",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-21T01:15:45.310",
"lastModified": "2025-04-21T01:15:45.310",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g.. by ensuring that there are 12 bytes or 36 bytes (depending on the address family)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"references": [
{
"url": "https://github.com/osrg/gobgp/commit/5153bafbe8dbe1a2f02a70bbf0365e98b80e47b0",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2025-43971",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-21T01:15:45.457",
"lastModified": "2025-04-21T01:15:45.457",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/osrg/gobgp/commit/08a001e06d90e8bcc190084c66992f46f62c0986",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2025-43972",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-21T01:15:45.563",
"lastModified": "2025-04-21T01:15:45.563",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/osrg/gobgp/commit/ca7383f450f7b296c5389feceef2467de5ab6e5a",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,25 @@
{
"id": "CVE-2025-43973",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-04-21T01:15:45.670",
"lastModified": "2025-04-21T01:15:45.670",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/osrg/gobgp/commit/5693c58a4815cc6327b8d3b6980f0e5aced28abe",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/osrg/gobgp/compare/v3.34.0...v3.35.0",
"source": "cve@mitre.org"
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-04-20T23:55:19.145140+00:00
2025-04-21T02:00:19.177917+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-04-20T22:15:29.690000+00:00
2025-04-21T01:15:45.670000+00:00
```
### Last Data Feed Release
@ -27,21 +27,29 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2025-04-20T00:00:04.369696+00:00
2025-04-21T00:00:10.085823+00:00
```
### Total Number of included CVEs
```plain
290945
290955
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `10`
- [CVE-2020-36844](CVE-2020/CVE-2020-368xx/CVE-2020-36844.json) (`2025-04-20T22:15:28.950`)
- [CVE-2020-36845](CVE-2020/CVE-2020-368xx/CVE-2020-36845.json) (`2025-04-20T22:15:29.690`)
- [CVE-2025-43961](CVE-2025/CVE-2025-439xx/CVE-2025-43961.json) (`2025-04-21T00:15:32.873`)
- [CVE-2025-43962](CVE-2025/CVE-2025-439xx/CVE-2025-43962.json) (`2025-04-21T00:15:33.027`)
- [CVE-2025-43963](CVE-2025/CVE-2025-439xx/CVE-2025-43963.json) (`2025-04-21T00:15:33.173`)
- [CVE-2025-43964](CVE-2025/CVE-2025-439xx/CVE-2025-43964.json) (`2025-04-21T00:15:33.310`)
- [CVE-2025-43966](CVE-2025/CVE-2025-439xx/CVE-2025-43966.json) (`2025-04-21T00:15:33.457`)
- [CVE-2025-43967](CVE-2025/CVE-2025-439xx/CVE-2025-43967.json) (`2025-04-21T00:15:33.607`)
- [CVE-2025-43970](CVE-2025/CVE-2025-439xx/CVE-2025-43970.json) (`2025-04-21T01:15:45.310`)
- [CVE-2025-43971](CVE-2025/CVE-2025-439xx/CVE-2025-43971.json) (`2025-04-21T01:15:45.457`)
- [CVE-2025-43972](CVE-2025/CVE-2025-439xx/CVE-2025-43972.json) (`2025-04-21T01:15:45.563`)
- [CVE-2025-43973](CVE-2025/CVE-2025-439xx/CVE-2025-43973.json) (`2025-04-21T01:15:45.670`)
### CVEs modified in the last Commit


@ -159611,8 +159611,8 @@ CVE-2020-36840,0,0,2926db043fdb0e8192aea6b1566e98cdedb30bd0d207e0c9b7fd57f0b2c70
CVE-2020-36841,0,0,435f561ac28bd6843959dd71ae0ae92aa0b6edf75e8094045c0b200540a2758d,2024-10-16T16:38:14.557000
CVE-2020-36842,0,0,aa409bdde21a1952d265f5aff9fddfa11fdb1da8db2d6b76fb10ddce24ac91d8,2024-10-30T21:03:53.807000
CVE-2020-36843,0,0,023fb2c50bcc67a3bb33f41e6bdffdf9e9ccdfb393ddc1b6592a73ee3ce02ee8,2025-03-13T06:15:34.043000
CVE-2020-36844,1,1,8552a356aa32cceb6b28779ed8d3382542c47f0deb4b43f8af0a1e81f0d7ad0d,2025-04-20T22:15:28.950000
CVE-2020-36845,1,1,33956f42cd1bfa85bb74727f73c5c8712159f623f58ef3489902083eb49b8b4c,2025-04-20T22:15:29.690000
CVE-2020-36844,0,0,8552a356aa32cceb6b28779ed8d3382542c47f0deb4b43f8af0a1e81f0d7ad0d,2025-04-20T22:15:28.950000
CVE-2020-36845,0,0,33956f42cd1bfa85bb74727f73c5c8712159f623f58ef3489902083eb49b8b4c,2025-04-20T22:15:29.690000
CVE-2020-3685,0,0,ebc768dfe955ad0c52041c7e2608a91c2b5719c6059fc65a66fc055e90d4e6b0,2024-11-21T05:31:34.290000
CVE-2020-3686,0,0,fed42ed77b3514bcd56d213454eba10c6543e81893514c48ebacb4355f05304f,2024-11-21T05:31:34.463000
CVE-2020-3687,0,0,4f5fc687e6ec97625652ba8cc878e5dcedb758a9b86899e8a0bd5d38bccb2613,2024-11-21T05:31:34.637000
@ -290944,3 +290944,13 @@ CVE-2025-43928,0,0,7e137dc78a97082b3c993605d044d26a389eebe6d6590183c90296f75caf0
CVE-2025-43929,0,0,b7b16912e19748274928ce4ed708cddadca19d9026021836109f3f82db667fc8,2025-04-20T14:15:13.230000
CVE-2025-43954,0,0,f2044552c25b024e3accb93e74b0e1e3ecf9ad47f8e8029720c29485b7686cc3,2025-04-20T19:15:43.137000
CVE-2025-43955,0,0,0a56ed412a1ea3144b576f60e4e3fb6913c480fcdf88a628feedd34ca43f5fa8,2025-04-20T20:15:13.553000
CVE-2025-43961,1,1,392cf865fa1f5c6a9a582197f39192d9cf25ef868e0f7c86d32ee55aefb1a6f6,2025-04-21T00:15:32.873000
CVE-2025-43962,1,1,30f038378954877fedba52e8270dce25f8585f9d92d47218510b283bcb946ae3,2025-04-21T00:15:33.027000
CVE-2025-43963,1,1,3731957d674178b4f34b55563993c2dbea2c456cb2d9e353bb5fedc9bc2b8713,2025-04-21T00:15:33.173000
CVE-2025-43964,1,1,fc258df96e9c07e4ea36b997a2ccd21aeb89f2d64537f68c4cfc259db04418aa,2025-04-21T00:15:33.310000
CVE-2025-43966,1,1,4bc59672dab6b688c8e360afe4fb98d997592771e6b8053057cd8b549a819ebe,2025-04-21T00:15:33.457000
CVE-2025-43967,1,1,8039987bace19a5b812e185915b1369c4b30f43f4d666f21df0b1bac11de4366,2025-04-21T00:15:33.607000
CVE-2025-43970,1,1,5e5dd2dc396cd7168fd731eb1b27a67bf0d02bf3e18c8bd281e5dde97ef8b33e,2025-04-21T01:15:45.310000
CVE-2025-43971,1,1,a69476d4e885679367341bf6b8e090bba8435534676741e23a94761f513aa1d0,2025-04-21T01:15:45.457000
CVE-2025-43972,1,1,e42ebe54e54ae4e8c91575e9b4a9657092d0d91b915a509126af48d506b010c7,2025-04-21T01:15:45.563000
CVE-2025-43973,1,1,edd3aa84e13ec6138866da343b64bd662393e7555d12709ad9ad70b108769826,2025-04-21T01:15:45.670000
