Auto-Update: 2024-07-07T20:00:24.258887+00:00

2025-07-09 16:05:11 +00:00 · 2024-07-07 20:03:18 +00:00 · 2024-07-07 20:03:18 +00:00 · 7869751891
commit 7869751891
parent 75a6d46b9f
3 changed files with 66 additions and 5 deletions
--- a/CVE-2024/CVE-2024-36xx/CVE-2024-3651.json
+++ b/CVE-2024/CVE-2024-36xx/CVE-2024-3651.json
@ -0,0 +1,60 @@
 {
  "id": "CVE-2024-3651",
  "sourceIdentifier": "security@huntr.dev",
  "published": "2024-07-07T18:15:09.827",
  "lastModified": "2024-07-07T18:15:09.827",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "security@huntr.dev",
        "type": "Secondary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH",
          "baseScore": 6.2,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security@huntr.dev",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d",
      "source": "security@huntr.dev"
    },
    {
      "url": "https://huntr.com/bounties/93d78d07-d791-4b39-a845-cbfabc44aadb",
      "source": "security@huntr.dev"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2024-07-07T18:00:42.520950+00:00
+2024-07-07T20:00:24.258887+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2024-07-07T16:15:02.013000+00:00
+2024-07-07T18:15:09.827000+00:00
 ```
 ### Last Data Feed Release
@ -33,14 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-255978
+255979
 ```
 ### CVEs added in the last Commit
 Recently added CVEs: `1`
- [CVE-2024-6229](CVE-2024/CVE-2024-62xx/CVE-2024-6229.json) (`2024-07-07T16:15:02.013`)
+- [CVE-2024-3651](CVE-2024/CVE-2024-36xx/CVE-2024-3651.json) (`2024-07-07T18:15:09.827`)
 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -253082,6 +253082,7 @@ CVE-2024-36500,0,0,257fd399a14a7141c50c9e2046f94aaac781c0de172f7af5b46d8dab39ba2
 CVE-2024-36501,0,0,31cf8d7c71722235c9f044b51d6c28f28965439d43fd3f0fcf21214d656b125f,2024-06-17T12:42:04.623000
 CVE-2024-36502,0,0,af0ea55ba6dbd08cf23c5f8732d2aeb0cf79fdfab13bdf5e07cadc44342549d0,2024-06-17T12:42:04.623000
 CVE-2024-36503,0,0,3aef981902bcd0cfa43896ed1ada7c9ec64d59690838f1ba35c268bf26e5218a,2024-06-17T12:42:04.623000
 CVE-2024-3651,1,1,be30455c34a2654395eb4a44c80e2f772b86721c620f12a6b7595d8d6eb72c8b,2024-07-07T18:15:09.827000
 CVE-2024-3652,0,0,455dabb71414a7592172807b25da69c5818ecc78456d9f87c63904d4c0988a33,2024-05-01T17:15:37.793000
 CVE-2024-36523,0,0,779ff20f3e54c54b68fa38cf8a73a6874fca821f18024ef38fb974b398395dd0,2024-06-13T18:36:09.010000
 CVE-2024-36527,0,0,5a4da781a91464af6910d804126691f30125cf5f5ae9e52379cc70e43ae0f627,2024-07-03T02:03:14.827000
@ -255866,7 +255867,7 @@ CVE-2024-6216,0,0,163aaa10da8fbd3f1a722ddf5828825abea50c90fd2d9b89c4bf2c73ab93f6
 CVE-2024-6217,0,0,3711ed31aaa9f7586428ac093ba9118453625e92a316540d8e0c90d5655ba292,2024-06-21T11:22:01.687000
 CVE-2024-6218,0,0,080145c08c5ffaf1b0f4fe61601c30772836ccbea26d111bc22bd57681c581e7,2024-06-21T15:15:16.547000
 CVE-2024-6225,0,0,05da1495d7d116987721ea4d8dad783669e833db8afd42c6e9b9d7b36358250e,2024-06-24T19:21:28.450000
-CVE-2024-6229,1,1,f1f054c8daa5ac2c46672d5a0f53c7a9d2a940a35470133039aaba3576e253b3,2024-07-07T16:15:02.013000
+CVE-2024-6229,0,0,f1f054c8daa5ac2c46672d5a0f53c7a9d2a940a35470133039aaba3576e253b3,2024-07-07T16:15:02.013000
 CVE-2024-6238,0,0,01bce4fcd5bf21099e3fa29fb7e34bf0d2a461d152d0ae3d9b913c1fb46d1451,2024-06-25T18:50:42.040000
 CVE-2024-6239,0,0,4d98a21d53ef2e5917897cadc254a12ee654ff1e3575a82a15151981272f61b5,2024-06-24T19:06:27.537000
 CVE-2024-6240,0,0,3ba60659d5977ed2c81ae70dc02c754f9eebbd14309190bebb86d2a019bd47a8,2024-06-24T19:10:38.983000