Auto-Update: 2024-02-11T07:00:24.772475+00:00

cad-safe-bot 2024-02-11 07:00:28 +00:00
parent afe872ca8f
commit 5ebd9e12c3
11 changed files with 143 additions and 18 deletions


@ -2,7 +2,7 @@
"id": "CVE-2023-2700",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-15T22:15:12.207",
"lastModified": "2023-07-06T19:15:10.307",
"lastModified": "2024-02-11T06:15:10.860",
"vulnStatus": "Modified",
"descriptions": [
{
@ -111,6 +111,10 @@
"Patch"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVK6JKP36CHE7YAFDJNPNLTW4OWJJ7TQ/",
"source": "secalert@redhat.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0001/",
"source": "secalert@redhat.com"


@ -2,7 +2,7 @@
"id": "CVE-2023-3750",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-24T16:15:13.267",
"lastModified": "2023-11-07T14:15:21.660",
"lastModified": "2024-02-11T06:15:11.140",
"vulnStatus": "Modified",
"descriptions": [
{
@ -117,6 +117,10 @@
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVK6JKP36CHE7YAFDJNPNLTW4OWJJ7TQ/",
"source": "secalert@redhat.com"
}
]
}
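Review bot: The Fedora announcement added to this record's `references` is the same message (`EVK6JKP36CHE7YAFDJNPNLTW4OWJJ7TQ`) that the CVE-2023-2700 section adds, but there the URL is written with `package-announce%40lists.fedoraproject.org` and here with a literal `@`. Tooling that correlates or deduplicates references across records by exact string comparison will treat these as two different advisories. Since the feed presumably mirrors upstream data verbatim, the safer place to handle this is in consumers: percent-decode and normalise reference URLs before comparing them.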


@ -0,0 +1,28 @@
{
"id": "CVE-2023-52428",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-11T05:15:08.383",
"lastModified": "2024-02-11T05:15:08.383",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component."
}
],
"metrics": {},
"references": [
{
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3b3b77e",
"source": "cve@mitre.org"
},
{
"url": "https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/526/",
"source": "cve@mitre.org"
},
{
"url": "https://connect2id.com/products/nimbus-jose-jwt",
"source": "cve@mitre.org"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-5371",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-10-04T17:15:10.437",
"lastModified": "2024-02-10T02:15:42.320",
"lastModified": "2024-02-11T06:15:11.297",
"vulnStatus": "Modified",
"descriptions": [
{
@ -120,6 +120,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34DBP5P2RHQ7XUABPANYYMOGV5KS6VEP/",
"source": "cve@gitlab.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MADSCHKZSCKQ5NLIX3UMOIJD2JZ65L4V/",
"source": "cve@gitlab.com"
},
{
"url": "https://security.gentoo.org/glsa/202402-09",
"source": "cve@gitlab.com"


@ -2,7 +2,7 @@
"id": "CVE-2023-6174",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-11-16T12:15:07.240",
"lastModified": "2024-02-10T02:15:42.427",
"lastModified": "2024-02-11T06:15:11.437",
"vulnStatus": "Modified",
"descriptions": [
{
@ -126,6 +126,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34DBP5P2RHQ7XUABPANYYMOGV5KS6VEP/",
"source": "cve@gitlab.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MADSCHKZSCKQ5NLIX3UMOIJD2JZ65L4V/",
"source": "cve@gitlab.com"
},
{
"url": "https://security.gentoo.org/glsa/202402-09",
"source": "cve@gitlab.com"


@ -2,7 +2,7 @@
"id": "CVE-2024-0208",
"sourceIdentifier": "cve@gitlab.com",
"published": "2024-01-03T08:15:10.340",
"lastModified": "2024-02-10T02:15:42.520",
"lastModified": "2024-02-11T06:15:11.573",
"vulnStatus": "Modified",
"descriptions": [
{
@ -125,6 +125,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34DBP5P2RHQ7XUABPANYYMOGV5KS6VEP/",
"source": "cve@gitlab.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MADSCHKZSCKQ5NLIX3UMOIJD2JZ65L4V/",
"source": "cve@gitlab.com"
},
{
"url": "https://www.wireshark.org/security/wnpa-sec-2024-01.html",
"source": "cve@gitlab.com",


@ -2,8 +2,8 @@
"id": "CVE-2024-21626",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-31T22:15:53.780",
"lastModified": "2024-02-09T15:38:09.697",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-11T06:15:11.683",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -163,6 +163,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/",
"source": "security-advisories@github.com",


@ -2,7 +2,7 @@
"id": "CVE-2024-23222",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-01-23T01:15:11.500",
"lastModified": "2024-02-09T02:15:09.197",
"lastModified": "2024-02-11T06:15:11.833",
"vulnStatus": "Modified",
"cisaExploitAdd": "2024-01-23",
"cisaActionDue": "2024-02-13",
@ -185,6 +185,10 @@
"url": "http://www.openwall.com/lists/oss-security/2024/02/05/8",
"source": "product-security@apple.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/",
"source": "product-security@apple.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/",
"source": "product-security@apple.com"


@ -0,0 +1,40 @@
{
"id": "CVE-2024-25718",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-11T05:15:08.463",
"lastModified": "2024-02-11T05:15:08.463",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the Samly package before 1.4.0 for Elixir, Samly.State.Store.get_assertion/3 can return an expired session, which interferes with access control because Samly.AuthHandler uses a cached session and does not replace it, even after expiry."
}
],
"metrics": {},
"references": [
{
"url": "https://diff.hex.pm/diff/samly/1.3.0..1.4.0",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/dropbox/samly",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/dropbox/samly/pull/13",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/dropbox/samly/pull/13/commits/812b5c3ad076dc9c9334c1a560c8e6470607d1eb",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/handnot2/samly",
"source": "cve@mitre.org"
},
{
"url": "https://hex.pm/packages/samly",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2024-25722",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-11T05:15:08.523",
"lastModified": "2024-02-11T05:15:08.523",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "qanything_kernel/connector/database/mysql/mysql_client.py in qanything.ai QAnything before 1.2.0 allows SQL Injection."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/netease-youdao/QAnything/commit/35753b892c2c4361b318d68dfa3e251c85ce889c",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/netease-youdao/QAnything/compare/v1.1.1...v1.2.0",
"source": "cve@mitre.org"
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-11T05:00:23.814178+00:00
2024-02-11T07:00:24.772475+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-11T04:15:08.100000+00:00
2024-02-11T06:15:11.833000+00:00
```
### Last Data Feed Release
@ -29,24 +29,29 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
238115
238118
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `3`
* [CVE-2023-52427](CVE-2023/CVE-2023-524xx/CVE-2023-52427.json) (`2024-02-11T04:15:08.100`)
* [CVE-2024-1431](CVE-2024/CVE-2024-14xx/CVE-2024-1431.json) (`2024-02-11T03:15:07.733`)
* [CVE-2024-1432](CVE-2024/CVE-2024-14xx/CVE-2024-1432.json) (`2024-02-11T03:15:08.930`)
* [CVE-2024-25714](CVE-2024/CVE-2024-257xx/CVE-2024-25714.json) (`2024-02-11T03:15:09.393`)
* [CVE-2024-25715](CVE-2024/CVE-2024-257xx/CVE-2024-25715.json) (`2024-02-11T03:15:09.453`)
* [CVE-2023-52428](CVE-2023/CVE-2023-524xx/CVE-2023-52428.json) (`2024-02-11T05:15:08.383`)
* [CVE-2024-25718](CVE-2024/CVE-2024-257xx/CVE-2024-25718.json) (`2024-02-11T05:15:08.463`)
* [CVE-2024-25722](CVE-2024/CVE-2024-257xx/CVE-2024-25722.json) (`2024-02-11T05:15:08.523`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `7`
* [CVE-2023-2700](CVE-2023/CVE-2023-27xx/CVE-2023-2700.json) (`2024-02-11T06:15:10.860`)
* [CVE-2023-3750](CVE-2023/CVE-2023-37xx/CVE-2023-3750.json) (`2024-02-11T06:15:11.140`)
* [CVE-2023-5371](CVE-2023/CVE-2023-53xx/CVE-2023-5371.json) (`2024-02-11T06:15:11.297`)
* [CVE-2023-6174](CVE-2023/CVE-2023-61xx/CVE-2023-6174.json) (`2024-02-11T06:15:11.437`)
* [CVE-2024-0208](CVE-2024/CVE-2024-02xx/CVE-2024-0208.json) (`2024-02-11T06:15:11.573`)
* [CVE-2024-21626](CVE-2024/CVE-2024-216xx/CVE-2024-21626.json) (`2024-02-11T06:15:11.683`)
* [CVE-2024-23222](CVE-2024/CVE-2024-232xx/CVE-2024-23222.json) (`2024-02-11T06:15:11.833`)
## Download and Usage