Auto-Update: 2025-04-09T23:55:19.486243+00:00

2025-06-19 17:31:42 +00:00 · 2025-04-09 23:58:52 +00:00 · 2025-04-09 23:58:52 +00:00 · 8c0913f326
commit 8c0913f326
parent d8991c148e
7 changed files with 678 additions and 486 deletions
--- a/CVE-2025/CVE-2025-243xx/CVE-2025-24375.json
+++ b/CVE-2025/CVE-2025-243xx/CVE-2025-24375.json
@ -0,0 +1,72 @@
+{
+  "id": "CVE-2025-24375",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2025-04-09T23:15:37.513",
+  "lastModified": "2025-04-09T23:15:37.513",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell application rely on writing to a temporary script file containing the full URI, with user and password. The file can be read by a unprivileged user during the operator runtime, due it being created with read permissions (0x644). On other cases, when calling mysql cli, for one specific case when creating the operator users, the DDL contains said users credentials, which can be leak through the same mechanism of a temporary file. All versions prior to revision 221 for kubernetes and revision 338 for machine operators."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
+          "baseScore": 5.0,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 1.3,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-256"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/canonical/mysql-k8s-operator/commit/7c6b1206fcbc7324b72f413c5e63216e742a71a1",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/canonical/mysql-k8s-operator/pull/553",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/canonical/mysql-k8s-operator/security/advisories/GHSA-g83v-7694-2hf7",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/canonical/mysql-operator/commit/1fb61c1ee3e396cdce13d5e8155f2f32a860f89e",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/canonical/mysql-operator/pull/579",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-28xx/CVE-2025-2845.json
+++ b/CVE-2025/CVE-2025-28xx/CVE-2025-2845.json
@ -0,0 +1,16 @@
+{
+  "id": "CVE-2025-2845",
+  "sourceIdentifier": "cve@gitlab.com",
+  "published": "2025-04-09T23:15:37.690",
+  "lastModified": "2025-04-09T23:15:37.690",
+  "vulnStatus": "Rejected",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
+    }
+  ],
+  "metrics": {},
+  "references": []
+}
--- a/CVE-2025/CVE-2025-30xx/CVE-2025-3023.json
+++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3023.json
@ -0,0 +1,16 @@
+{
+  "id": "CVE-2025-3023",
+  "sourceIdentifier": "cve@gitlab.com",
+  "published": "2025-04-09T23:15:38.053",
+  "lastModified": "2025-04-09T23:15:38.053",
+  "vulnStatus": "Rejected",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
+    }
+  ],
+  "metrics": {},
+  "references": []
+}
--- a/CVE-2025/CVE-2025-323xx/CVE-2025-32386.json
+++ b/CVE-2025/CVE-2025-323xx/CVE-2025-32386.json
@ -0,0 +1,64 @@
+{
+  "id": "CVE-2025-32386",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2025-04-09T23:15:37.750",
+  "lastModified": "2025-04-09T23:15:37.750",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Helm is a tool for managing Charts. A chart archive file can be crafted in a manner where it expands to be significantly larger uncompressed than compressed (e.g., >800x difference). When Helm loads this specially crafted chart, memory can be exhausted causing the application to terminate. This issue has been resolved in Helm v3.17.3."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-770"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-789"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/helm/helm/commit/d8ca55fc669645c10c0681d49723f4bb8c0b1ce7",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/helm/helm/security/advisories/GHSA-4hfp-h4cw-hj8p",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-323xx/CVE-2025-32387.json
+++ b/CVE-2025/CVE-2025-323xx/CVE-2025-32387.json
@ -0,0 +1,64 @@
+{
+  "id": "CVE-2025-32387",
+  "sourceIdentifier": "security-advisories@github.com",
+  "published": "2025-04-09T23:15:37.903",
+  "lastModified": "2025-04-09T23:15:37.903",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security-advisories@github.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security-advisories@github.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-121"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-674"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/helm/helm/commit/d8ca55fc669645c10c0681d49723f4bb8c0b1ce7",
+      "source": "security-advisories@github.com"
+    },
+    {
+      "url": "https://github.com/helm/helm/security/advisories/GHSA-5xqw-8hwv-wg92",
+      "source": "security-advisories@github.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-04-09T22:00:20.581060+00:00
+2025-04-09T23:55:19.486243+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-04-09T21:16:25.913000+00:00
+2025-04-09T23:15:38.053000+00:00
 ```

 ### Last Data Feed Release
@ -33,69 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-289445
+289450
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `28`
+Recently added CVEs: `5`

- [CVE-2025-21595](CVE-2025/CVE-2025-215xx/CVE-2025-21595.json) (`2025-04-09T20:15:25.853`)
- [CVE-2025-21597](CVE-2025/CVE-2025-215xx/CVE-2025-21597.json) (`2025-04-09T20:15:26.100`)
- [CVE-2025-21601](CVE-2025/CVE-2025-216xx/CVE-2025-21601.json) (`2025-04-09T20:15:26.350`)
- [CVE-2025-2631](CVE-2025/CVE-2025-26xx/CVE-2025-2631.json) (`2025-04-09T20:15:27.183`)
- [CVE-2025-2632](CVE-2025/CVE-2025-26xx/CVE-2025-2632.json) (`2025-04-09T20:15:27.350`)
- [CVE-2025-26888](CVE-2025/CVE-2025-268xx/CVE-2025-26888.json) (`2025-04-09T20:15:26.607`)
- [CVE-2025-26901](CVE-2025/CVE-2025-269xx/CVE-2025-26901.json) (`2025-04-09T20:15:26.773`)
- [CVE-2025-26902](CVE-2025/CVE-2025-269xx/CVE-2025-26902.json) (`2025-04-09T20:15:26.950`)
- [CVE-2025-29018](CVE-2025/CVE-2025-290xx/CVE-2025-29018.json) (`2025-04-09T21:16:25.540`)
- [CVE-2025-30644](CVE-2025/CVE-2025-306xx/CVE-2025-30644.json) (`2025-04-09T20:15:27.517`)
- [CVE-2025-30645](CVE-2025/CVE-2025-306xx/CVE-2025-30645.json) (`2025-04-09T20:15:27.727`)
- [CVE-2025-30646](CVE-2025/CVE-2025-306xx/CVE-2025-30646.json) (`2025-04-09T20:15:27.920`)
- [CVE-2025-30647](CVE-2025/CVE-2025-306xx/CVE-2025-30647.json) (`2025-04-09T20:15:28.103`)
- [CVE-2025-30648](CVE-2025/CVE-2025-306xx/CVE-2025-30648.json) (`2025-04-09T20:15:28.300`)
- [CVE-2025-30649](CVE-2025/CVE-2025-306xx/CVE-2025-30649.json) (`2025-04-09T20:15:28.490`)
- [CVE-2025-30651](CVE-2025/CVE-2025-306xx/CVE-2025-30651.json) (`2025-04-09T20:15:28.687`)
- [CVE-2025-30652](CVE-2025/CVE-2025-306xx/CVE-2025-30652.json) (`2025-04-09T20:15:28.873`)
- [CVE-2025-30653](CVE-2025/CVE-2025-306xx/CVE-2025-30653.json) (`2025-04-09T20:15:29.067`)
- [CVE-2025-30654](CVE-2025/CVE-2025-306xx/CVE-2025-30654.json) (`2025-04-09T20:15:29.233`)
- [CVE-2025-30655](CVE-2025/CVE-2025-306xx/CVE-2025-30655.json) (`2025-04-09T20:15:29.417`)
- [CVE-2025-30656](CVE-2025/CVE-2025-306xx/CVE-2025-30656.json) (`2025-04-09T20:15:29.577`)
- [CVE-2025-30657](CVE-2025/CVE-2025-306xx/CVE-2025-30657.json) (`2025-04-09T20:15:29.763`)
- [CVE-2025-30658](CVE-2025/CVE-2025-306xx/CVE-2025-30658.json) (`2025-04-09T20:15:29.943`)
- [CVE-2025-30659](CVE-2025/CVE-2025-306xx/CVE-2025-30659.json) (`2025-04-09T20:15:30.130`)
- [CVE-2025-30660](CVE-2025/CVE-2025-306xx/CVE-2025-30660.json) (`2025-04-09T20:15:30.307`)
+- [CVE-2025-24375](CVE-2025/CVE-2025-243xx/CVE-2025-24375.json) (`2025-04-09T23:15:37.513`)
+- [CVE-2025-2845](CVE-2025/CVE-2025-28xx/CVE-2025-2845.json) (`2025-04-09T23:15:37.690`)
+- [CVE-2025-3023](CVE-2025/CVE-2025-30xx/CVE-2025-3023.json) (`2025-04-09T23:15:38.053`)
+- [CVE-2025-32386](CVE-2025/CVE-2025-323xx/CVE-2025-32386.json) (`2025-04-09T23:15:37.750`)
+- [CVE-2025-32387](CVE-2025/CVE-2025-323xx/CVE-2025-32387.json) (`2025-04-09T23:15:37.903`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `403`
+Recently modified CVEs: `0`

- [CVE-2025-32659](CVE-2025/CVE-2025-326xx/CVE-2025-32659.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32661](CVE-2025/CVE-2025-326xx/CVE-2025-32661.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32664](CVE-2025/CVE-2025-326xx/CVE-2025-32664.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32667](CVE-2025/CVE-2025-326xx/CVE-2025-32667.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32669](CVE-2025/CVE-2025-326xx/CVE-2025-32669.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32673](CVE-2025/CVE-2025-326xx/CVE-2025-32673.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32675](CVE-2025/CVE-2025-326xx/CVE-2025-32675.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32676](CVE-2025/CVE-2025-326xx/CVE-2025-32676.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32677](CVE-2025/CVE-2025-326xx/CVE-2025-32677.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32678](CVE-2025/CVE-2025-326xx/CVE-2025-32678.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32679](CVE-2025/CVE-2025-326xx/CVE-2025-32679.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32680](CVE-2025/CVE-2025-326xx/CVE-2025-32680.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32683](CVE-2025/CVE-2025-326xx/CVE-2025-32683.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32684](CVE-2025/CVE-2025-326xx/CVE-2025-32684.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32685](CVE-2025/CVE-2025-326xx/CVE-2025-32685.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32690](CVE-2025/CVE-2025-326xx/CVE-2025-32690.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32691](CVE-2025/CVE-2025-326xx/CVE-2025-32691.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32692](CVE-2025/CVE-2025-326xx/CVE-2025-32692.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32693](CVE-2025/CVE-2025-326xx/CVE-2025-32693.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32694](CVE-2025/CVE-2025-326xx/CVE-2025-32694.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-32695](CVE-2025/CVE-2025-326xx/CVE-2025-32695.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-3416](CVE-2025/CVE-2025-34xx/CVE-2025-3416.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-3442](CVE-2025/CVE-2025-34xx/CVE-2025-3442.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-3474](CVE-2025/CVE-2025-34xx/CVE-2025-3474.json) (`2025-04-09T20:02:41.860`)
- [CVE-2025-3475](CVE-2025/CVE-2025-34xx/CVE-2025-3475.json) (`2025-04-09T20:02:41.860`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv