Auto-Update: 2025-04-20T22:00:19.513308+00:00

2025-05-08 03:27:17 +00:00 · 2025-04-20 22:03:51 +00:00 · 2025-04-20 22:03:51 +00:00 · 43f0af513e
commit 43f0af513e
parent 8e7e301bd9
3 changed files with 62 additions and 5 deletions
--- a/CVE-2025/CVE-2025-439xx/CVE-2025-43955.json
+++ b/CVE-2025/CVE-2025-439xx/CVE-2025-43955.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2025-43955",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-04-20T20:15:13.553",
+  "lastModified": "2025-04-20T20:15:13.553",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "TwsCachedXPathAPI in Convertigo through 8.3.4 does not restrict the use of commons-jxpath APIs."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 2.2,
+          "baseSeverity": "LOW",
+          "attackVector": "LOCAL",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 0.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-749"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/convertigo/convertigo/issues/898",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-04-20T20:00:19.478096+00:00
+2025-04-20T22:00:19.513308+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-04-20T19:15:43.137000+00:00
+2025-04-20T20:15:13.553000+00:00
 ```

 ### Last Data Feed Release
@ -33,14 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-290942
+290943
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `1`

- [CVE-2025-43954](CVE-2025/CVE-2025-439xx/CVE-2025-43954.json) (`2025-04-20T19:15:43.137`)
+- [CVE-2025-43955](CVE-2025/CVE-2025-439xx/CVE-2025-43955.json) (`2025-04-20T20:15:13.553`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -290940,4 +290940,5 @@ CVE-2025-43920,0,0,b78354739d89571d106f08bd550eb673b1af9ed695f9a469ebcd3fe832889
 CVE-2025-43921,0,0,b59dba0610887a199b0faf2f19a0e03e63d8e4472120cfd2c980e88dc9faec57,2025-04-20T01:15:46.043000
 CVE-2025-43928,0,0,7e137dc78a97082b3c993605d044d26a389eebe6d6590183c90296f75caf000e,2025-04-20T03:15:35.003000
 CVE-2025-43929,0,0,b7b16912e19748274928ce4ed708cddadca19d9026021836109f3f82db667fc8,2025-04-20T14:15:13.230000
-CVE-2025-43954,1,1,f2044552c25b024e3accb93e74b0e1e3ecf9ad47f8e8029720c29485b7686cc3,2025-04-20T19:15:43.137000
+CVE-2025-43954,0,0,f2044552c25b024e3accb93e74b0e1e3ecf9ad47f8e8029720c29485b7686cc3,2025-04-20T19:15:43.137000
+CVE-2025-43955,1,1,0a56ed412a1ea3144b576f60e4e3fb6913c480fcdf88a628feedd34ca43f5fa8,2025-04-20T20:15:13.553000