Auto-Update: 2025-01-24T05:00:24.648490+00:00

2025-07-11 16:13:34 +00:00 · 2025-01-24 05:03:50 +00:00 · 2025-01-24 05:03:50 +00:00 · 7bd05ed8e3
commit 7bd05ed8e3
parent 16a033b1b0
4 changed files with 127 additions and 9 deletions
--- a/CVE-2024/CVE-2024-119xx/CVE-2024-11931.json
+++ b/CVE-2024/CVE-2024-119xx/CVE-2024-11931.json
@ -0,0 +1,56 @@
 {
  "id": "CVE-2024-11931",
  "sourceIdentifier": "cve@gitlab.com",
  "published": "2025-01-24T03:15:06.590",
  "lastModified": "2025-01-24T03:15:06.590",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exfiltrate protected CI variables via CI lint."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "cve@gitlab.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
          "baseScore": 6.4,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 2.7
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cve@gitlab.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-1220"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/480901",
      "source": "cve@gitlab.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-03xx/CVE-2025-0314.json
+++ b/CVE-2025/CVE-2025-03xx/CVE-2025-0314.json
@ -0,0 +1,60 @@
 {
  "id": "CVE-2025-0314",
  "sourceIdentifier": "cve@gitlab.com",
  "published": "2025-01-24T03:15:07.320",
  "lastModified": "2025-01-24T03:15:07.320",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.6.4, 17.7 before 17.7.3, and 17.8 before 17.8.1. Improper rendering of certain file types lead to cross-site scripting."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "cve@gitlab.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "REQUIRED",
          "scope": "CHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 5.8
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cve@gitlab.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/512118",
      "source": "cve@gitlab.com"
    },
    {
      "url": "https://hackerone.com/reports/2922313",
      "source": "cve@gitlab.com"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2025-01-24T03:00:25.580080+00:00
+2025-01-24T05:00:24.648490+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2025-01-24T02:15:26.660000+00:00
+2025-01-24T03:15:07.320000+00:00
 ```
 ### Last Data Feed Release
@ -33,21 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-278730
+278732
 ```
 ### CVEs added in the last Commit
-Recently added CVEs: `1`
+Recently added CVEs: `2`
- [CVE-2021-30745](CVE-2021/CVE-2021-307xx/CVE-2021-30745.json) (`2025-01-24T01:15:07.393`)
+- [CVE-2024-11931](CVE-2024/CVE-2024-119xx/CVE-2024-11931.json) (`2025-01-24T03:15:06.590`)
 - [CVE-2025-0314](CVE-2025/CVE-2025-03xx/CVE-2025-0314.json) (`2025-01-24T03:15:07.320`)
 ### CVEs modified in the last Commit
-Recently modified CVEs: `1`
+Recently modified CVEs: `0`
 - [CVE-2020-11023](CVE-2020/CVE-2020-110xx/CVE-2020-11023.json) (`2025-01-24T02:00:02.453`)
 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -146198,7 +146198,7 @@ CVE-2020-1102,0,0,beb55d980417bd8b6d1ce31e3a0727b369b5062516d21b175570c1b1aee391
 CVE-2020-11020,0,0,a0d36a559ebe7f953236588db302bbdd420d19b4ac6cb48d12345feacaed921c,2024-11-21T04:56:35.843000
 CVE-2020-11021,0,0,c19a191fbddcb3f9a17a7591bedcd6fc94ddcd9ad61bf21f8bba572829211e6f,2024-11-21T04:56:35.970000
 CVE-2020-11022,0,0,b9af85a8c30b617cd88d73a72bfd445ea341c37ec58205246aade7d3a64a8e02,2024-11-21T04:56:36.110000
-CVE-2020-11023,0,1,5f0094b33b2f96d78cf226481d9a865508d0990b70f201e263508564da3e7a8d,2025-01-24T02:00:02.453000
+CVE-2020-11023,0,0,5f0094b33b2f96d78cf226481d9a865508d0990b70f201e263508564da3e7a8d,2025-01-24T02:00:02.453000
 CVE-2020-11024,0,0,35d884b343f59a576a889d1f0a1e58df1211a54ba4869f675bb373afbcf25f85,2024-11-21T04:56:36.803000
 CVE-2020-11025,0,0,02e56c0d9fe23dd773712d5f3331b73b0d5cba4fd9ea3a26495134cd48189d2b,2024-11-21T04:56:36.933000
 CVE-2020-11026,0,0,6af682f657377c77c2e378246407611faae42b9f229818a297da012ae87ff400,2024-11-21T04:56:37.070000
@ -175107,7 +175107,7 @@ CVE-2021-30741,0,0,fac8e6ba1a5878d0907b944f5e7fc6b270232e78e329fd9070cd6144e6cbc
 CVE-2021-30742,0,0,2130396e61402ff4fb5bca6c956da9af30a802093354b2c7c9ee4f2b83a5bba2,2024-11-21T06:04:37.610000
 CVE-2021-30743,0,0,9c0167389f8d8c0ef23e4e354849e7102f2faa835f923551aa61c52bfd8c48f3,2024-11-21T06:04:37.720000
 CVE-2021-30744,0,0,f6ecf21ffb0928d6497164a5a771229df447cb4c2e5ce95d3d6382ed2eb67d7d,2024-11-21T06:04:37.863000
-CVE-2021-30745,1,1,666a7691f0243752e9a699ed7ff8a4fdaada52515efaf4f16bf25332ae7659df,2025-01-24T02:15:26.660000
+CVE-2021-30745,0,0,666a7691f0243752e9a699ed7ff8a4fdaada52515efaf4f16bf25332ae7659df,2025-01-24T02:15:26.660000
 CVE-2021-30746,0,0,024e057ad064bfceec3a705582b6af0f445c1b555363653f9a82911f5ec4723f,2024-11-21T06:04:37.990000
 CVE-2021-30748,0,0,03c5d675dc70bb738e0ed226a0041822c1bc08a99b19c6cc59def1c2ac706760,2024-11-21T06:04:38.130000
 CVE-2021-30749,0,0,164dc0f2fb1e18a38312f656d6c6a2f3d270e51ca8e1ef326b1c958645bc804f,2024-11-21T06:04:38.267000
@ -245011,6 +245011,7 @@ CVE-2024-11928,0,0,4eb81c3b991253e17b093831750d2f60d8030675796e16e7e29cc29429037
 CVE-2024-11929,0,0,66064f3187dd0089c2014740486de1ebf4355d01734d9e211585842b939a7710,2025-01-09T11:15:11.447000
 CVE-2024-1193,0,0,dfff57fc9ce7a1dbebe4335de503e2f3e62619c8f53eebdea960e5ff40a71456,2024-11-21T08:50:00.427000
 CVE-2024-11930,0,0,b88c23e4935b7f2e83397c155514381d560f1027e29cea30bba30e9bb3837da0,2025-01-04T09:15:05.880000
 CVE-2024-11931,1,1,d5dece3c18d15e15aa4a217db191f3bc9d5668e12f3e305df11068f8cafec908,2025-01-24T03:15:06.590000
 CVE-2024-11933,0,0,ff719b80c8b04b1955877df42e564ce90eac2c09e4f59c20e785f18a1e8804d6,2024-12-03T16:04:10.350000
 CVE-2024-11934,0,0,744a72b875229eda9af00bf8cde59d77110b18803c7442665bf58299c9e4d643,2025-01-07T04:15:07.520000
 CVE-2024-11935,0,0,f2a8d43d6f9999d38415d9b41f66ab77f7c4f7c94de5d0bc77beeed93d88f487,2024-12-04T13:15:05.910000
@ -277470,6 +277471,7 @@ CVE-2025-0301,0,0,cda9ba0b82510401c2a22912601ff18ed3f9b7d844758d6122fa1a90dc462c
 CVE-2025-0306,0,0,4d323f73db0781dad08a71cd877278ed734b33cabf11626e82510c57e39603e9,2025-01-09T04:15:13
 CVE-2025-0308,0,0,f89e0b2f51bdc31095df6c5f8dd7a032387c24a0f205d06445d4128d7f7c613d,2025-01-18T06:15:27.880000
 CVE-2025-0311,0,0,366f4de7a1625931fb622647148fc1b4e4ac9da9319c64a1d46f443dbcb2d417,2025-01-16T21:29:36.977000
 CVE-2025-0314,1,1,80ca5f927f75e0b60dc3f48da0cdffb06a6e0f021c4ff3fd3ad16896077ecbd6,2025-01-24T03:15:07.320000
 CVE-2025-0318,0,0,18fbca098a2261f52e0f9c17a94d13e877ff02eac8f34202aac0d050b892d79d,2025-01-18T06:15:28.017000
 CVE-2025-0328,0,0,983a37850e7593e52c7049d9c87a360510a226adf3c659d5ad2fe111082fc07f,2025-01-09T17:15:17.330000
 CVE-2025-0331,0,0,dbc642b98482c7a868d38d7a4b1240421a9e262e76044ff9bb695321876694a4,2025-01-09T17:15:17.933000