Auto-Update: 2024-02-17T00:55:24.791630+00:00

2025-07-09 16:05:11 +00:00 · 2024-02-17 00:55:28 +00:00 · 2024-02-17 00:55:28 +00:00 · 5ad111f3f4
commit 5ad111f3f4
parent fe9204e805
4 changed files with 123 additions and 135 deletions
--- a/CVE-2022/CVE-2022-404xx/CVE-2022-40433.json
+++ b/CVE-2022/CVE-2022-404xx/CVE-2022-40433.json
@ -2,107 +2,14 @@
  "id": "CVE-2022-40433",
  "sourceIdentifier": "secalert_us@oracle.com",
  "published": "2023-08-22T19:16:24.010",
-  "lastModified": "2023-12-06T21:15:07.457",
-  "vulnStatus": "Modified",
+  "lastModified": "2024-02-17T00:15:08.577",
+  "vulnStatus": "Rejected",
  "descriptions": [
    {
      "lang": "en",
-      "value": "An issue was discovered in function ciMethodBlocks::make_block_at in Oracle JDK (HotSpot VM) 11, 17 and OpenJDK (HotSpot VM) 8, 11, 17, allows attackers to cause a denial of service. Note: Vendor states that this to is Defense in Depth at most due to the nature of the issue and the special circumstances required (server must be running particular code locally, code compiled with an old, old version of javac, etc.)."
-    },
-    {
-      "lang": "es",
-      "value": "Se ha descubierto un problema en la funci\u00f3n ciMethodBlocks::make_block_at de Oracle JDK (HotSpot VM) 11, 17 y OpenJDK (HotSpot VM) 8, 11, 17, que permite a los atacantes provocar una denegaci\u00f3n de servicio.\n"
+      "value": "Rejected reason: ** REJECT ** This CVE ID has been rejected by its CNA as it was not a security issue."
    }
  ],
-  "metrics": {
-    "cvssMetricV31": [
-      {
-        "source": "nvd@nist.gov",
-        "type": "Primary",
-        "cvssData": {
-          "version": "3.1",
-          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
-          "attackVector": "NETWORK",
-          "attackComplexity": "LOW",
-          "privilegesRequired": "HIGH",
-          "userInteraction": "NONE",
-          "scope": "UNCHANGED",
-          "confidentialityImpact": "NONE",
-          "integrityImpact": "NONE",
-          "availabilityImpact": "HIGH",
-          "baseScore": 4.9,
-          "baseSeverity": "MEDIUM"
-        },
-        "exploitabilityScore": 1.2,
-        "impactScore": 3.6
-      }
-    ]
-  },
-  "weaknesses": [
-    {
-      "source": "nvd@nist.gov",
-      "type": "Primary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "NVD-CWE-noinfo"
-        }
-      ]
-    }
-  ],
-  "configurations": [
-    {
-      "nodes": [
-        {
-          "operator": "OR",
-          "negate": false,
-          "cpeMatch": [
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:a:oracle:openjdk:7:update351:*:*:*:*:*:*",
-              "matchCriteriaId": "576F2D55-3079-45D0-A2E8-0D250A8F5BDE"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:a:oracle:openjdk:8:*:*:*:*:*:*:*",
-              "matchCriteriaId": "FB165A22-A34A-478F-AF3A-483F649AE95D"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:a:oracle:openjdk:11:*:*:*:*:*:*:*",
-              "matchCriteriaId": "465CFA59-8E94-415A-ACF0-E678826813BE"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:a:oracle:openjdk:17.0.2:*:*:*:*:*:*:*",
-              "matchCriteriaId": "778B9A45-E5EB-4B97-9989-AC221A577DCA"
-            },
-            {
-              "vulnerable": true,
-              "criteria": "cpe:2.3:a:oracle:openjdk:18:*:*:*:*:*:*:*",
-              "matchCriteriaId": "56CBFC1F-C120-44F2-877A-C1C880AA89C4"
-            }
-          ]
-        }
-      ]
-    }
-  ],
-  "references": [
-    {
-      "url": "https://bugs.openjdk.org/browse/JDK-8283441",
-      "source": "secalert_us@oracle.com"
-    },
-    {
-      "url": "https://github.com/openjdk/jdk11u-dev/pull/1183",
-      "source": "secalert_us@oracle.com"
-    },
-    {
-      "url": "https://github.com/openjdk/jdk13u-dev/pull/394",
-      "source": "secalert_us@oracle.com"
-    },
-    {
-      "url": "https://github.com/openjdk/jdk15u-dev/pull/261",
-      "source": "secalert_us@oracle.com"
-    }
-  ]
+  "metrics": {},
+  "references": []
 }
--- a/CVE-2024/CVE-2024-219xx/CVE-2024-21983.json
+++ b/CVE-2024/CVE-2024-219xx/CVE-2024-21983.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-21983",
+  "sourceIdentifier": "security-alert@netapp.com",
+  "published": "2024-02-16T23:15:07.857",
+  "lastModified": "2024-02-16T23:15:07.857",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 \nare susceptible to a Denial of Service (DoS) vulnerability. Successful \nexploit by an authenticated attacker could lead to an out of memory \ncondition or node reboot.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-alert@netapp.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-alert@netapp.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-248"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://security.netapp.com/advisory/ntap-20240216-0012/",
+      "source": "security-alert@netapp.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-219xx/CVE-2024-21984.json
+++ b/CVE-2024/CVE-2024-219xx/CVE-2024-21984.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-21984",
+  "sourceIdentifier": "security-alert@netapp.com",
+  "published": "2024-02-16T23:15:08.050",
+  "lastModified": "2024-02-16T23:15:08.050",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 \nare susceptible to a difficult to exploit Reflected Cross-Site Scripting\n (XSS) vulnerability. Successful exploit requires the attacker to know \nspecific information about the target instance and trick a privileged \nuser into clicking a specially crafted link. This could allow the \nattacker to view or modify configuration settings or add or modify user \naccounts. \n\n\n\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-alert@netapp.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.9,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.6,
+        "impactScore": 4.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-alert@netapp.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://security.netapp.com/advisory/ntap-20240216-0013/",
+      "source": "security-alert@netapp.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-02-16T23:00:24.404168+00:00
+2024-02-17T00:55:24.791630+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-02-16T22:15:08.160000+00:00
+2024-02-17T00:15:08.577000+00:00
 ```

 ### Last Data Feed Release
@ -29,51 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-238768
+238770
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `7`
+Recently added CVEs: `2`

-* [CVE-2023-45918](CVE-2023/CVE-2023-459xx/CVE-2023-45918.json) (`2024-02-16T22:15:07.880`)
-* [CVE-2024-21987](CVE-2024/CVE-2024-219xx/CVE-2024-21987.json) (`2024-02-16T21:15:08.053`)
-* [CVE-2024-25083](CVE-2024/CVE-2024-250xx/CVE-2024-25083.json) (`2024-02-16T21:15:08.260`)
-* [CVE-2024-25627](CVE-2024/CVE-2024-256xx/CVE-2024-25627.json) (`2024-02-16T21:15:08.430`)
-* [CVE-2024-25628](CVE-2024/CVE-2024-256xx/CVE-2024-25628.json) (`2024-02-16T21:15:08.657`)
-* [CVE-2024-24750](CVE-2024/CVE-2024-247xx/CVE-2024-24750.json) (`2024-02-16T22:15:07.947`)
-* [CVE-2024-24758](CVE-2024/CVE-2024-247xx/CVE-2024-24758.json) (`2024-02-16T22:15:08.160`)
+* [CVE-2024-21983](CVE-2024/CVE-2024-219xx/CVE-2024-21983.json) (`2024-02-16T23:15:07.857`)
+* [CVE-2024-21984](CVE-2024/CVE-2024-219xx/CVE-2024-21984.json) (`2024-02-16T23:15:08.050`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `27`
+Recently modified CVEs: `1`

-* [CVE-2023-50349](CVE-2023/CVE-2023-503xx/CVE-2023-50349.json) (`2024-02-16T21:34:23.923`)
-* [CVE-2024-24931](CVE-2024/CVE-2024-249xx/CVE-2024-24931.json) (`2024-02-16T21:33:29.340`)
-* [CVE-2024-24930](CVE-2024/CVE-2024-249xx/CVE-2024-24930.json) (`2024-02-16T21:33:40.590`)
-* [CVE-2024-24819](CVE-2024/CVE-2024-248xx/CVE-2024-24819.json) (`2024-02-16T21:34:17.650`)
-* [CVE-2024-0595](CVE-2024/CVE-2024-05xx/CVE-2024-0595.json) (`2024-02-16T21:34:39.327`)
-* [CVE-2024-0596](CVE-2024/CVE-2024-05xx/CVE-2024-0596.json) (`2024-02-16T21:34:53.293`)
-* [CVE-2024-1406](CVE-2024/CVE-2024-14xx/CVE-2024-1406.json) (`2024-02-16T21:35:22.940`)
-* [CVE-2024-22361](CVE-2024/CVE-2024-223xx/CVE-2024-22361.json) (`2024-02-16T21:35:31.953`)
-* [CVE-2024-1430](CVE-2024/CVE-2024-14xx/CVE-2024-1430.json) (`2024-02-16T21:35:39.290`)
-* [CVE-2024-1431](CVE-2024/CVE-2024-14xx/CVE-2024-1431.json) (`2024-02-16T21:35:46.980`)
-* [CVE-2024-25715](CVE-2024/CVE-2024-257xx/CVE-2024-25715.json) (`2024-02-16T21:35:54.270`)
-* [CVE-2024-24932](CVE-2024/CVE-2024-249xx/CVE-2024-24932.json) (`2024-02-16T21:35:59.587`)
-* [CVE-2024-24820](CVE-2024/CVE-2024-248xx/CVE-2024-24820.json) (`2024-02-16T21:36:58.440`)
-* [CVE-2024-24821](CVE-2024/CVE-2024-248xx/CVE-2024-24821.json) (`2024-02-16T21:37:27.557`)
-* [CVE-2024-24825](CVE-2024/CVE-2024-248xx/CVE-2024-24825.json) (`2024-02-16T21:37:47.923`)
-* [CVE-2024-24829](CVE-2024/CVE-2024-248xx/CVE-2024-24829.json) (`2024-02-16T21:37:59.497`)
-* [CVE-2024-22318](CVE-2024/CVE-2024-223xx/CVE-2024-22318.json) (`2024-02-16T21:38:55.127`)
-* [CVE-2024-22332](CVE-2024/CVE-2024-223xx/CVE-2024-22332.json) (`2024-02-16T21:39:25.407`)
-* [CVE-2024-0016](CVE-2024/CVE-2024-00xx/CVE-2024-0016.json) (`2024-02-16T21:39:50.223`)
-* [CVE-2024-0017](CVE-2024/CVE-2024-00xx/CVE-2024-0017.json) (`2024-02-16T21:39:50.223`)
-* [CVE-2024-0018](CVE-2024/CVE-2024-00xx/CVE-2024-0018.json) (`2024-02-16T21:39:50.223`)
-* [CVE-2024-0019](CVE-2024/CVE-2024-00xx/CVE-2024-0019.json) (`2024-02-16T21:39:50.223`)
-* [CVE-2024-0020](CVE-2024/CVE-2024-00xx/CVE-2024-0020.json) (`2024-02-16T21:39:50.223`)
-* [CVE-2024-0021](CVE-2024/CVE-2024-00xx/CVE-2024-0021.json) (`2024-02-16T21:39:50.223`)
-* [CVE-2024-0023](CVE-2024/CVE-2024-00xx/CVE-2024-0023.json) (`2024-02-16T21:39:50.223`)
+* [CVE-2022-40433](CVE-2022/CVE-2022-404xx/CVE-2022-40433.json) (`2024-02-17T00:15:08.577`)


 ## Download and Usage