admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-04T21:00:24.404328+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-04 21:00:28 +00:00
parent 83a537dac8
commit c7b3e76092
10 changed files with 144 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
CVE-2021/CVE-2021-44xx/CVE-2021-4435.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2021-4435",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2024-02-04T20:15:45.657",
"lastModified": "2024-02-04T20:15:45.657",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An untrusted search path vulnerability was found in Yarn. When a victim runs certain Yarn commands in a directory with attacker-controlled content, malicious commands could be executed in unexpected ways."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2021-4435",
"source": "patrick@puiterwijk.org"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262284",
"source": "patrick@puiterwijk.org"
},
{
"url": "https://github.com/yarnpkg/yarn/commit/67fcce88935e45092ffa2674c08053f1ef5268a1",
"source": "patrick@puiterwijk.org"
},
{
"url": "https://github.com/yarnpkg/yarn/releases/tag/v1.22.13",
"source": "patrick@puiterwijk.org"
}
]
}

6
CVE-2023/CVE-2023-523xx/CVE-2023-52355.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52355",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-25T20:15:38.353",
"lastModified": "2024-01-31T17:59:49.903",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-04T20:15:45.900",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-787"
}
]
}

20
CVE-2023/CVE-2023-524xx/CVE-2023-52425.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-52425",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-04T20:15:46.063",
"lastModified": "2024-02-04T20:15:46.063",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/libexpat/libexpat/pull/789",
"source": "cve@mitre.org"
}
]
}

28
CVE-2023/CVE-2023-524xx/CVE-2023-52426.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-52426",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-02-04T20:15:46.120",
"lastModified": "2024-02-04T20:15:46.120",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time."
}
],
"metrics": {},
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/776.html",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/libexpat/libexpat/commit/0f075ec8ecb5e43f8fdca5182f8cca4703da0404",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/libexpat/libexpat/pull/777",
"source": "cve@mitre.org"
}
]
}

6
CVE-2023/CVE-2023-62xx/CVE-2023-6291.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6291",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-26T15:15:08.280",
"lastModified": "2024-02-03T01:42:08.807",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-04T20:15:46.173",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-601"
}
]
}

6
CVE-2023/CVE-2023-64xx/CVE-2023-6476.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6476",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-09T22:15:43.610",
"lastModified": "2024-01-18T18:16:25.947",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-04T20:15:46.327",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-770"
}
]
}

4
CVE-2023/CVE-2023-68xx/CVE-2023-6816.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6816",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-18T05:15:08.607",
"lastModified": "2024-01-31T16:15:45.150",
"lastModified": "2024-02-04T20:15:46.477",
"vulnStatus": "Modified",
"descriptions": [
{
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-119"
"value": "CWE-787"
}
]
}

4
CVE-2023/CVE-2023-69xx/CVE-2023-6944.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6944",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-04T10:15:11.517",
"lastModified": "2024-01-25T16:15:08.177",
"lastModified": "2024-02-04T20:15:46.650",
"vulnStatus": "Modified",
"descriptions": [
{
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "CWE-209"
}
]
}

4
CVE-2023/CVE-2023-71xx/CVE-2023-7192.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-7192",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-02T19:15:11.510",
"lastModified": "2024-01-30T13:15:07.933",
"lastModified": "2024-02-04T20:15:46.787",
"vulnStatus": "Modified",
"descriptions": [
{
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-402"
"value": "CWE-401"
}
]
}

21
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-04T19:00:25.019691+00:00
2024-02-04T21:00:24.404328+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-04T18:16:00.713000+00:00
2024-02-04T20:15:46.787000+00:00
```
### Last Data Feed Release
@ -29,21 +29,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
237515
237518
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `3`
* [CVE-2018-25098](CVE-2018/CVE-2018-250xx/CVE-2018-25098.json) (`2024-02-04T17:15:07.880`)
* [CVE-2020-36773](CVE-2020/CVE-2020-367xx/CVE-2020-36773.json) (`2024-02-04T18:16:00.713`)
* [CVE-2021-4435](CVE-2021/CVE-2021-44xx/CVE-2021-4435.json) (`2024-02-04T20:15:45.657`)
* [CVE-2023-52425](CVE-2023/CVE-2023-524xx/CVE-2023-52425.json) (`2024-02-04T20:15:46.063`)
* [CVE-2023-52426](CVE-2023/CVE-2023-524xx/CVE-2023-52426.json) (`2024-02-04T20:15:46.120`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `6`
* [CVE-2023-52355](CVE-2023/CVE-2023-523xx/CVE-2023-52355.json) (`2024-02-04T20:15:45.900`)
* [CVE-2023-6291](CVE-2023/CVE-2023-62xx/CVE-2023-6291.json) (`2024-02-04T20:15:46.173`)
* [CVE-2023-6476](CVE-2023/CVE-2023-64xx/CVE-2023-6476.json) (`2024-02-04T20:15:46.327`)
* [CVE-2023-6816](CVE-2023/CVE-2023-68xx/CVE-2023-6816.json) (`2024-02-04T20:15:46.477`)
* [CVE-2023-6944](CVE-2023/CVE-2023-69xx/CVE-2023-6944.json) (`2024-02-04T20:15:46.650`)
* [CVE-2023-7192](CVE-2023/CVE-2023-71xx/CVE-2023-7192.json) (`2024-02-04T20:15:46.787`)
## Download and Usage