Auto-Update: 2025-03-09T00:55:19.071020+00:00

2025-05-08 03:27:17 +00:00 · 2025-03-09 00:58:47 +00:00 · 2025-03-09 00:58:47 +00:00 · c0f327ad6c
commit c0f327ad6c
parent 4ff994bd43
6 changed files with 239 additions and 9 deletions
--- a/CVE-2023/CVE-2023-529xx/CVE-2023-52968.json
+++ b/CVE-2023/CVE-2023-529xx/CVE-2023-52968.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2023-52968",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-03-08T23:15:13.173",
+  "lastModified": "2025-03-08T23:15:13.173",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+          "baseScore": 4.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-696"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://jira.mariadb.org/browse/MDEV-32082",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-529xx/CVE-2023-52969.json
+++ b/CVE-2023/CVE-2023-529xx/CVE-2023-52969.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2023-52969",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-03-08T23:15:14.357",
+  "lastModified": "2025-03-08T23:15:14.357",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+          "baseScore": 4.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-1038"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://jira.mariadb.org/browse/MDEV-32083",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-529xx/CVE-2023-52970.json
+++ b/CVE-2023/CVE-2023-529xx/CVE-2023-52970.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2023-52970",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-03-08T23:15:14.527",
+  "lastModified": "2025-03-08T23:15:14.527",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+          "baseScore": 4.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-1038"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://jira.mariadb.org/browse/MDEV-32086",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-529xx/CVE-2023-52971.json
+++ b/CVE-2023/CVE-2023-529xx/CVE-2023-52971.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2023-52971",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-03-08T23:15:14.683",
+  "lastModified": "2025-03-08T23:15:14.683",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+          "baseScore": 4.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-1038"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://jira.mariadb.org/browse/MDEV-32084",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-03-08T23:00:19.561693+00:00
+2025-03-09T00:55:19.071020+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-03-08T22:15:36.443000+00:00
+2025-03-08T23:15:14.683000+00:00
 ```

 ### Last Data Feed Release
@ -33,21 +33,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-284554
+284558
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `4`

- [CVE-2025-2112](CVE-2025/CVE-2025-21xx/CVE-2025-2112.json) (`2025-03-08T22:15:36.443`)
+- [CVE-2023-52968](CVE-2023/CVE-2023-529xx/CVE-2023-52968.json) (`2025-03-08T23:15:13.173`)
+- [CVE-2023-52969](CVE-2023/CVE-2023-529xx/CVE-2023-52969.json) (`2025-03-08T23:15:14.357`)
+- [CVE-2023-52970](CVE-2023/CVE-2023-529xx/CVE-2023-52970.json) (`2025-03-08T23:15:14.527`)
+- [CVE-2023-52971](CVE-2023/CVE-2023-529xx/CVE-2023-52971.json) (`2025-03-08T23:15:14.683`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `0`

- [CVE-2025-27840](CVE-2025/CVE-2025-278xx/CVE-2025-27840.json) (`2025-03-08T21:15:11.177`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -241512,7 +241512,11 @@ CVE-2023-52953,0,0,505d22422517c509093e20be4fa6cef03d81124377bff73b0554278d7ae4f
 CVE-2023-52954,0,0,8b4c2bb5bacf8eb27f78e90b0f6b79604ad46840b6b95dc0e1c12132d9665f10,2025-01-13T19:09:19.737000
 CVE-2023-52955,0,0,13e36a7d0105631ad28d1b673d8b8d79157696f3624304a40ce36ea78894df3c,2025-01-13T19:09:36.110000
 CVE-2023-5296,0,0,b04d4fbd343c2e856b8ac0aee32ec4da2662cf244be6db174bfbc8064e9c4681,2024-11-21T08:41:28.453000
+CVE-2023-52968,1,1,7d7017d47fdc41e3e4382ea18c9a97530a26e09292e7e2f297d71870121f3415,2025-03-08T23:15:13.173000
+CVE-2023-52969,1,1,c90b0b9b94f7aa6094165ea47bf25e4d4f6a2c547333196d3f390267e432056a,2025-03-08T23:15:14.357000
 CVE-2023-5297,0,0,de1f61d8e4cdd3b9b3c94e1a593ca1d09a649ba1f11645b247141deb55a46d5b,2024-11-21T08:41:28.590000
+CVE-2023-52970,1,1,6a433af374dbc904a0840bdcb33e1cb62cb25ebe64fba086d6a5d24ddabace61,2025-03-08T23:15:14.527000
+CVE-2023-52971,1,1,4c48cf99780e3a1c16d35329f6b3db8ed3324f7f365e0b184756cb780a4e30a4,2025-03-08T23:15:14.683000
 CVE-2023-5298,0,0,f53cf1dcb6f115d92d16e5c66372cdfa06b4033bbcfb51673e0e9ae138cbc0c7,2024-11-21T08:41:28.727000
 CVE-2023-5299,0,0,d1a3f4df2181486873f0f83a21c7898914e70351cf79e1f3914b8afd11231fe5,2024-11-21T08:41:28.867000
 CVE-2023-5300,0,0,eada94012fd708691ea3792cf6b054b3ad0de381a1556cd7e6c92c322c4e2e74,2024-11-21T08:41:29.013000
@ -281491,7 +281495,7 @@ CVE-2025-21106,0,0,f21695bcd3dc50ebb62318d228568a1613cd20d1a89ae6dcd1f4af03df1c2
 CVE-2025-21107,0,0,0827735892f4001f988a0739aad719c8ee1fb9144fe1da312da1da34f24b5ce6,2025-02-07T20:01:14.760000
 CVE-2025-21111,0,0,36449c466fabe660f3fc2f10d8992e6a7d9c5e3d2cf72d3dce2cc840c6da552b,2025-01-24T19:11:42.417000
 CVE-2025-21117,0,0,3c59ddab13aed7617d82cbb9fbab3c190cbfe8b424cc570d2e879fe06ca6cee2,2025-02-05T14:15:27.417000
-CVE-2025-2112,1,1,85227d11e81908281475abb4c87b58749be99c2e996f8b7b4c8c362d9654e82a,2025-03-08T22:15:36.443000
+CVE-2025-2112,0,0,85227d11e81908281475abb4c87b58749be99c2e996f8b7b4c8c362d9654e82a,2025-03-08T22:15:36.443000
 CVE-2025-21121,0,0,1697e078ff9a5405d9a543461696c63d50506a646e18e458652be622eb5556f4,2025-03-03T14:54:17.487000
 CVE-2025-21122,0,0,969e44e0224fb47d95b87aed16b2a93d9ca09db3ac6fe7fd40cad9e935dc7db9,2025-02-11T14:47:41.453000
 CVE-2025-21123,0,0,0be58033a62e1c138323b992604392193cd26a8c4f221072c6847ce8703ed4eb,2025-03-03T14:54:17.487000
@ -284552,4 +284556,4 @@ CVE-2025-27824,0,0,bbbadd94bca912d17091ba5687790372eed06151266f5eb5403da18d55309
 CVE-2025-27825,0,0,99e9b9d3befd54cbb55880416607fbc7e5d90c9fee9cdc2881cb2480979fee41,2025-03-07T22:15:38.380000
 CVE-2025-27826,0,0,83fe28f5c1c38336a328c924367a016f575cf3bedee9c6070949943b515ded3d,2025-03-07T22:15:38.527000
 CVE-2025-27839,0,0,212b3d30d2c1f53f372c7e143c6e03922deeb9da14f018db14d5749815db8000,2025-03-08T00:15:38.340000
-CVE-2025-27840,0,1,5aa7d8e9662fef514fce3ae6e5e00a97364110257bf9630ffa81cb5e4cc13971,2025-03-08T21:15:11.177000
+CVE-2025-27840,0,0,5aa7d8e9662fef514fce3ae6e5e00a97364110257bf9630ffa81cb5e4cc13971,2025-03-08T21:15:11.177000