diff --git a/CVE-2024/CVE-2024-257xx/CVE-2024-25710.json b/CVE-2024/CVE-2024-257xx/CVE-2024-25710.json new file mode 100644 index 00000000000..52cacb3172b --- /dev/null +++ b/CVE-2024/CVE-2024-257xx/CVE-2024-25710.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-25710", + "sourceIdentifier": "security@apache.org", + "published": "2024-02-19T09:15:37.943", + "lastModified": "2024-02-19T09:15:37.943", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0.\n\nUsers are recommended to upgrade to version 1.26.0 which fixes the issue.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@apache.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.4, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-835" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-263xx/CVE-2024-26308.json b/CVE-2024/CVE-2024-263xx/CVE-2024-26308.json new file mode 100644 index 00000000000..a9e7808213b --- /dev/null +++ b/CVE-2024/CVE-2024-263xx/CVE-2024-26308.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2024-26308", + "sourceIdentifier": "security@apache.org", + "published": "2024-02-19T09:15:38.277", + "lastModified": "2024-02-19T09:15:38.277", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26.\n\nUsers are recommended to upgrade to version 1.26, which fixes the issue.\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/ch5yo2d21p7vlqrhll9b17otbyq4npfg", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 68aa42ad7c4..b67da175d94 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-02-19T07:00:24.124559+00:00 +2024-02-19T11:01:05.710679+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-02-19T06:15:07.890000+00:00 +2024-02-19T09:15:38.277000+00:00 ``` ### Last Data Feed Release @@ -29,16 +29,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -238872 +238874 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `2` -* [CVE-2024-26327](CVE-2024/CVE-2024-263xx/CVE-2024-26327.json) (`2024-02-19T05:15:22.527`) -* [CVE-2024-26328](CVE-2024/CVE-2024-263xx/CVE-2024-26328.json) (`2024-02-19T05:15:26.263`) -* [CVE-2024-24722](CVE-2024/CVE-2024-247xx/CVE-2024-24722.json) (`2024-02-19T06:15:07.890`) +* [CVE-2024-25710](CVE-2024/CVE-2024-257xx/CVE-2024-25710.json) (`2024-02-19T09:15:37.943`) +* [CVE-2024-26308](CVE-2024/CVE-2024-263xx/CVE-2024-26308.json) (`2024-02-19T09:15:38.277`) ### CVEs modified in the last Commit