Auto-Update: 2025-04-21T08:00:20.071406+00:00

2025-06-19 17:31:42 +00:00 · 2025-04-21 08:03:54 +00:00 · 2025-04-21 08:03:54 +00:00 · 282153dcbc
commit 282153dcbc
parent 77c549e8fd
3 changed files with 92 additions and 11 deletions
--- a/CVE-2025/CVE-2025-06xx/CVE-2025-0632.json
+++ b/CVE-2025/CVE-2025-06xx/CVE-2025-0632.json
@ -0,0 +1,82 @@
 {
  "id": "CVE-2025-0632",
  "sourceIdentifier": "9c1820ae-fb77-4810-a8aa-ca46e7474d2f",
  "published": "2025-04-21T06:15:44.043",
  "lastModified": "2025-04-21T06:15:44.043",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW) allows a remote attacker to obtain sensitive data via arbitrary code execution.\u00a0A malicious actor could execute malicious scripts to automatically download configuration files in known locations to exfiltrate data including credentials, and with no rate limiting a malicious actor could enumerate the filesystem of the host machine and potentially lead to full host compromise.\n\nThis issue affects Rock Maker Web: from 3.2.1.1 and later"
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "9c1820ae-fb77-4810-a8aa-ca46e7474d2f",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 9.2,
          "baseSeverity": "CRITICAL",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "LOW",
          "vulnAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "HIGH",
          "subIntegrityImpact": "LOW",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "9c1820ae-fb77-4810-a8aa-ca46e7474d2f",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        },
        {
          "lang": "en",
          "value": "CWE-98"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.formulatrix.com/downloads/apps/repository/rockmaker/",
      "source": "9c1820ae-fb77-4810-a8aa-ca46e7474d2f"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2025-04-21T06:00:20.116226+00:00
+2025-04-21T08:00:20.071406+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2025-04-21T04:15:17.863000+00:00
+2025-04-21T06:15:44.043000+00:00
 ```
 ### Last Data Feed Release
@ -33,22 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-290955
+290956
 ```
 ### CVEs added in the last Commit
-Recently added CVEs: `0`
+Recently added CVEs: `1`
 - [CVE-2025-0632](CVE-2025/CVE-2025-06xx/CVE-2025-0632.json) (`2025-04-21T06:15:44.043`)
 ### CVEs modified in the last Commit
-Recently modified CVEs: `3`
+Recently modified CVEs: `0`
 - [CVE-2022-20547](CVE-2022/CVE-2022-205xx/CVE-2022-20547.json) (`2025-04-21T04:15:15.253`)
 - [CVE-2024-53591](CVE-2024/CVE-2024-535xx/CVE-2024-53591.json) (`2025-04-21T04:15:16.810`)
 - [CVE-2025-29058](CVE-2025/CVE-2025-290xx/CVE-2025-29058.json) (`2025-04-21T04:15:17.863`)
 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -190428,7 +190428,7 @@ CVE-2022-20543,0,0,f2989ef58f36a64988137a817cc2a061fef8a3af1d9296c1bb5f0dc11fc37
 CVE-2022-20544,0,0,61d3c3083c43fe435f5f16b44de976cfccfa10c84bd764afeb5c767e5b48b0ec,2024-11-21T06:43:01.183000
 CVE-2022-20545,0,0,0b5e966404159755a60b369665b116b20384ff4f6633d2c0e8e854755cd522d6,2024-11-21T06:43:01.303000
 CVE-2022-20546,0,0,176e8f89a12c020763840bffe37da72f32560d02b35efa1931855336f5793d95,2024-11-21T06:43:01.423000
-CVE-2022-20547,0,1,7983e4d8e9dbaccdae53aa8c99906fc9614e7225f63ffde1d7a31af22b4cf894,2025-04-21T04:15:15.253000
+CVE-2022-20547,0,0,7983e4d8e9dbaccdae53aa8c99906fc9614e7225f63ffde1d7a31af22b4cf894,2025-04-21T04:15:15.253000
 CVE-2022-20548,0,0,c4ae774032558c5ac77ffab84c9436770066b5330d482ed6440912178d090cb7,2025-04-18T21:15:42.133000
 CVE-2022-20549,0,0,44aba0ca79b70b74ae972c604cf511b7702557b32917ca4292899b337575a293,2025-04-18T21:15:43.073000
 CVE-2022-20550,0,0,979ffd8408a1a8cfaef52805fa6ddeed036eff9bca6698beadd8f55d8cb87d1d,2025-04-18T16:15:18.150000
@ -274660,7 +274660,7 @@ CVE-2024-53586,0,0,301d02093d38a6f54562884a5fff3b8994d8a5baf163448220588eedaadf0
 CVE-2024-53588,0,0,fe48f7787c676ce29f21d914524d1d78fc3ff1010b5196171b6a8de109978dae,2025-01-24T22:15:33.520000
 CVE-2024-53589,0,0,307fbb546d42ae682f4eb30c791fb75b252f0ed41906a0b6f6e04180cc8c106a,2025-03-14T10:15:15.130000
 CVE-2024-5359,0,0,71f1c8bfc2723941432df47643d84a7d10561c27f62494f85f57a3b89891d67d,2025-02-21T19:39:01.480000
-CVE-2024-53591,0,1,43448c9e8c404f7987aa7147096bb9b89fd18f65348b7b44160638c529532a6a,2025-04-21T04:15:16.810000
+CVE-2024-53591,0,0,43448c9e8c404f7987aa7147096bb9b89fd18f65348b7b44160638c529532a6a,2025-04-21T04:15:16.810000
 CVE-2024-53597,0,0,438026e14ae09726543276b1bb70c22feed1a3a736c09b864ce876954f4f80b7,2024-11-27T21:15:08.170000
 CVE-2024-53599,0,0,4e154161154da95241d6e7cee4b06be89db1c3cd7ac717fcb16e70a39031c607,2024-11-25T21:15:21.993000
 CVE-2024-5360,0,0,40fabaab8917d98be8757f929d22ad67f3d92b7ca4c7cc90d24279564dc7d86d,2025-02-21T19:34:42.090000
@ -281742,6 +281742,7 @@ CVE-2025-0628,0,0,570695b374c4ed87e2ed44b4722d7e35e02627e97784a5b85708accd345030
 CVE-2025-0629,0,0,8f521d45357a68fe1bd984513c58f6ea34cfc4b0f61fed4ffe8ed172f2ebf0d3,2025-03-11T14:15:24.090000
 CVE-2025-0630,0,0,bb04cf8ef857d76c3a37bf8a5fa23865f63bacce52c7cbeba321e37955a961c9,2025-02-04T20:15:49.940000
 CVE-2025-0631,0,0,f678fe6dd09f7e9ac50fdb058244ff83ef796d29890119e12d088befc24858a0,2025-01-28T19:15:14.270000
 CVE-2025-0632,1,1,10f6a8923a58e1b4cf105b2918ac97baf63273b69ee9b9b5c7c43c23b3be7699,2025-04-21T06:15:44.043000
 CVE-2025-0633,0,0,d99126f9166a4e84d3e57050e6aafa26d9cc8a19aa8e9fa3be65f2f9a812f3e1,2025-02-19T07:15:33.537000
 CVE-2025-0635,0,0,97c2ba48a72c7101c06a2ce11947aa32804795ad5ed76ef5586cdf1bab2602b3,2025-01-23T11:15:10.890000
 CVE-2025-0637,0,0,527088f0979b18ce444b6ef69464399256b011e8d9eae0913ca1205a9c4503aa,2025-01-23T16:15:36.617000
@ -288167,7 +288168,7 @@ CVE-2025-29045,0,0,090c3e96b99d9f1ab70ff9b689049ccda9fa971c4f9a3d1da9c7bf0e80474
 CVE-2025-29046,0,0,b7ee5cb392ebd408b1b6286a1320dff309770773e41a50e962ca316924d92804,2025-04-18T13:15:57.827000
 CVE-2025-29047,0,0,076f84d8bd59a653a39e66671e4a2349aadc2c3d4b6f78b21110fe2564e902fb,2025-04-18T13:15:58
 CVE-2025-29049,0,0,5d330c70d7d31103316e937aa271bd3496ea507fadb908ea97bf504a0ca30485,2025-04-02T14:58:07.527000
-CVE-2025-29058,0,1,35072a24577b16cbf222885d7889d9d8e4b6892a46c35d34c08d9b6dd5f2aaf6,2025-04-21T04:15:17.863000
+CVE-2025-29058,0,0,35072a24577b16cbf222885d7889d9d8e4b6892a46c35d34c08d9b6dd5f2aaf6,2025-04-21T04:15:17.863000
 CVE-2025-2906,0,0,a9a7d8b41557888835e1c79dd2617916cc6b4f3c0d6d09861e305343a3b52d6a,2025-04-01T20:26:11.547000
 CVE-2025-29062,0,0,8b038be77d187e96d12580474b403cb7fa145ff3ea4b7563c5f09cb9c8bff2e3,2025-04-07T14:18:49.830000
 CVE-2025-29063,0,0,fb62068ea038ef1ec0c7040dd75d6c08aaabdcd4faa76e872cbcfed9d1021b86,2025-04-07T14:18:34.453000