From 13d19b0608a97fbda47e82106f471b811f074674 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 15 Mar 2025 11:03:48 +0000 Subject: [PATCH] Auto-Update: 2025-03-15T11:00:20.027331+00:00 --- CVE-2025/CVE-2025-10xx/CVE-2025-1057.json | 60 +++++++++++++++++++++++ README.md | 12 ++--- _state.csv | 7 +-- 3 files changed, 69 insertions(+), 10 deletions(-) create mode 100644 CVE-2025/CVE-2025-10xx/CVE-2025-1057.json diff --git a/CVE-2025/CVE-2025-10xx/CVE-2025-1057.json b/CVE-2025/CVE-2025-10xx/CVE-2025-1057.json new file mode 100644 index 00000000000..882858a4c5f --- /dev/null +++ b/CVE-2025/CVE-2025-10xx/CVE-2025-1057.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-1057", + "sourceIdentifier": "secalert@redhat.com", + "published": "2025-03-15T09:15:10.770", + "lastModified": "2025-03-15T09:15:10.770", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas the updated registrar expects str. This issue leads to an exception when processing agent registration requests, causing the agent to fail." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-704" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2025-1057", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343894", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 5726de31524..8766b9f0820 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-03-15T09:00:19.407672+00:00 +2025-03-15T11:00:20.027331+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-03-15T07:15:35.107000+00:00 +2025-03-15T09:15:10.770000+00:00 ``` ### Last Data Feed Release @@ -33,16 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -285300 +285301 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `1` -- [CVE-2019-25222](CVE-2019/CVE-2019-252xx/CVE-2019-25222.json) (`2025-03-15T07:15:33.523`) -- [CVE-2025-2157](CVE-2025/CVE-2025-21xx/CVE-2025-2157.json) (`2025-03-15T07:15:34.930`) -- [CVE-2025-2325](CVE-2025/CVE-2025-23xx/CVE-2025-2325.json) (`2025-03-15T07:15:35.107`) +- [CVE-2025-1057](CVE-2025/CVE-2025-10xx/CVE-2025-1057.json) (`2025-03-15T09:15:10.770`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 0616877291a..68f36e203e8 100644 --- a/_state.csv +++ b/_state.csv @@ -138577,7 +138577,7 @@ CVE-2019-25219,0,0,1cb37836ebcc5b11769d9904fbdfa2fec545979ad1eccec7a99d4f7ebed29 CVE-2019-2522,0,0,638737140f258e11051ee5bbdf0348d4d75583dff335dd9bacaf5548d0e7c058,2024-11-21T04:41:02.287000 CVE-2019-25220,0,0,d816e7498110be9fdee3cfe309ef71779578ebdc0da778db7a8c501d80ff8668,2024-11-18T17:35:01.780000 CVE-2019-25221,0,0,1df42d22725f30b375d9fa95a2ea36f97268cbdd206d333006cebd98ba4f48ba,2024-12-13T04:15:04.713000 -CVE-2019-25222,1,1,e48f512b72d147eb90f82048a82961bc399ff454a090ea1b4ad9e93c426e7278,2025-03-15T07:15:33.523000 +CVE-2019-25222,0,0,e48f512b72d147eb90f82048a82961bc399ff454a090ea1b4ad9e93c426e7278,2025-03-15T07:15:33.523000 CVE-2019-2523,0,0,8dbf09cc09a9d36d5d379aecf44a233c56df498cda1cca6ed13442ba59e0191b,2024-11-21T04:41:02.417000 CVE-2019-2524,0,0,e78029c84d578c9195f9dc77e1bc1d99a41eb834e1b9ea40680656159ff29559,2024-11-21T04:41:02.543000 CVE-2019-2525,0,0,45bc199935b7701dbac60abc55ae16ce2ad0edb17c245390c2e47faaca8aac93,2024-11-21T04:41:02.660000 @@ -280950,6 +280950,7 @@ CVE-2025-1043,0,0,85285f0459384c003ce1a5c887368f71f800dede66c51b6ace529750f1366c CVE-2025-1044,0,0,9f8be6c10874ff2755d0454f22f2307f6446f5aad49de046e6d1d7bccf9d96f4,2025-02-18T21:34:01.863000 CVE-2025-1052,0,0,dd0f54ac7a99856d7d318fe87955632258ed518980dc0996f06ddf7223075097,2025-02-18T21:32:45.863000 CVE-2025-1053,0,0,745fc40219bc37fd7ab7252db87e5d766a3ee14d78f27aa4c9a1b496940a21f8,2025-02-14T04:15:08.903000 +CVE-2025-1057,1,1,29d2b2f898571ecf1b5128b283ebb760ec9d0d58e8d9253e7c34b82ca9cbb5e5,2025-03-15T09:15:10.770000 CVE-2025-1058,0,0,931565082cf6be7adcbf5c17fdfd20136c63742e85ad7be32de9be500e9b2826,2025-02-13T06:15:21.480000 CVE-2025-1059,0,0,c8e08f393241882abd9f520991c8527e65d38e4d6c43516ed6bd207e016f7d2f,2025-02-13T06:15:21.680000 CVE-2025-1060,0,0,249a972722a8ea5c8c8703c094cf839a07a282f53cdfa1c21d84e389f952edae,2025-02-13T06:15:22.213000 @@ -282137,7 +282138,7 @@ CVE-2025-21566,0,0,82ec7fdf226cb80f776cd09a3b71e56b532d0f963e7ee3118ba6bb781b798 CVE-2025-21567,0,0,ccd02f620841a055b7609434758122e81dae08bf571c2d34cc808d0e73dc219d,2025-02-04T17:15:21.167000 CVE-2025-21568,0,0,fec47b6b9ef3349c1b6b471d918fb557c8f63b9953ba47a2a0e04d801fa6804d,2025-02-04T17:15:21.297000 CVE-2025-21569,0,0,5df0154e36384276f1807ec7f051b457b9528fd8420a266b3a9f61e681a5ef4f,2025-02-04T17:15:21.423000 -CVE-2025-2157,1,1,de2d77a143a9726a8c0cdeb1112b3114a0d09708174b91e160daba34d5d4aa2c,2025-03-15T07:15:34.930000 +CVE-2025-2157,0,0,de2d77a143a9726a8c0cdeb1112b3114a0d09708174b91e160daba34d5d4aa2c,2025-03-15T07:15:34.930000 CVE-2025-21570,0,0,ace167949078eb846cc68a40950678bfa282af3d76d61bcddefc7d830cafe3ca,2025-02-04T17:15:21.550000 CVE-2025-21571,0,0,bdb8c4caf4103cfe30d360ecbf83480841b6726b170ed756d9f8b563b72e6029,2025-02-04T19:15:33.230000 CVE-2025-21590,0,0,b36ae92dc904bf55dc4028b2cedf584a24120b0d6e0ef4bd06450d9ddd9f9379,2025-03-14T20:35:13.207000 @@ -283081,7 +283082,7 @@ CVE-2025-23239,0,0,73761053f1cf486225f31cfbe2c5d7282e449e2379e63bc42bc6b88358fef CVE-2025-23240,0,0,cc75ce891b393f48204ae1bee9d1c6ebb0570ce0b6fca2a588e96d25da4e228c,2025-03-04T17:12:06.513000 CVE-2025-23242,0,0,621adf07512b57c6883dcee811f463a1068addd9387d1e7204c7b4c588c8f36c,2025-03-11T20:15:16.280000 CVE-2025-23243,0,0,bffe529ed1b92c248ffa538f9f7e54859081f3c5f5cb97e035c66ab1dd8d6e9d,2025-03-11T20:15:16.463000 -CVE-2025-2325,1,1,3c6b219229dc76a33d78d2ccb8fd1f767d78355c555f30961ca2b7b219af14fc,2025-03-15T07:15:35.107000 +CVE-2025-2325,0,0,3c6b219229dc76a33d78d2ccb8fd1f767d78355c555f30961ca2b7b219af14fc,2025-03-15T07:15:35.107000 CVE-2025-23359,0,0,078a2b254b9542e7cfbdc0b2539045b6c597acb96680d65380627cec160e1602,2025-02-12T01:15:09.230000 CVE-2025-23360,0,0,64786cc83cb60a45ca607edefa61a189dcb38008ee28945d3e238c33bc7c5f9c,2025-03-11T20:15:16.633000 CVE-2025-23362,0,0,f1b04109bb5a53f0fa12693fb841988a838f82d29d11cab82e724120097242c3,2025-01-29T02:15:27.910000