From 20e41494d876f9ba6b97aaf18df46e89617e4d26 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sun, 3 Mar 2024 23:00:28 +0000 Subject: [PATCH] Auto-Update: 2024-03-03T23:00:24.295724+00:00 --- CVE-2019/CVE-2019-252xx/CVE-2019-25210.json | 24 +++++++++++++++++++++ CVE-2024/CVE-2024-280xx/CVE-2024-28084.json | 24 +++++++++++++++++++++ README.md | 14 ++++++------ 3 files changed, 54 insertions(+), 8 deletions(-) create mode 100644 CVE-2019/CVE-2019-252xx/CVE-2019-25210.json create mode 100644 CVE-2024/CVE-2024-280xx/CVE-2024-28084.json diff --git a/CVE-2019/CVE-2019-252xx/CVE-2019-25210.json b/CVE-2019/CVE-2019-252xx/CVE-2019-25210.json new file mode 100644 index 00000000000..50b0eced479 --- /dev/null +++ b/CVE-2019/CVE-2019-252xx/CVE-2019-25210.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2019-25210", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-03T21:15:49.867", + "lastModified": "2024-03-03T21:15:49.867", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Cloud Native Computing Foundation (CNCF) Helm through 3.13.3. It displays values of secrets when the --dry-run flag is used. This is a security concern in some use cases, such as a --dry-run call by a CI/CD tool. NOTE: the vendor's position is that this behavior was introduced intentionally, and cannot be removed without breaking backwards compatibility (some users may be relying on these values)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/helm/helm/issues/7275", + "source": "cve@mitre.org" + }, + { + "url": "https://www.cncf.io/projects/helm/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-280xx/CVE-2024-28084.json b/CVE-2024/CVE-2024-280xx/CVE-2024-28084.json new file mode 100644 index 00000000000..1d590960d17 --- /dev/null +++ b/CVE-2024/CVE-2024-280xx/CVE-2024-28084.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2024-28084", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-03-03T21:15:49.963", + "lastModified": "2024-03-03T21:15:49.963", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=52a47c9fd428904de611a90cbf8b223af879684d", + "source": "cve@mitre.org" + }, + { + "url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=d34b4e16e045142590ed7cb653e01ed0ae5362eb", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2a251413b6d..f3677149470 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-03T19:00:24.664446+00:00 +2024-03-03T23:00:24.295724+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-03T18:15:10.967000+00:00 +2024-03-03T21:15:49.963000+00:00 ``` ### Last Data Feed Release @@ -29,17 +29,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -240383 +240385 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `2` -* [CVE-2024-2147](CVE-2024/CVE-2024-21xx/CVE-2024-2147.json) (`2024-03-03T17:15:07.123`) -* [CVE-2024-2148](CVE-2024/CVE-2024-21xx/CVE-2024-2148.json) (`2024-03-03T17:15:07.353`) -* [CVE-2024-2149](CVE-2024/CVE-2024-21xx/CVE-2024-2149.json) (`2024-03-03T18:15:10.723`) -* [CVE-2024-2150](CVE-2024/CVE-2024-21xx/CVE-2024-2150.json) (`2024-03-03T18:15:10.967`) +* [CVE-2019-25210](CVE-2019/CVE-2019-252xx/CVE-2019-25210.json) (`2024-03-03T21:15:49.867`) +* [CVE-2024-28084](CVE-2024/CVE-2024-280xx/CVE-2024-28084.json) (`2024-03-03T21:15:49.963`) ### CVEs modified in the last Commit