diff --git a/CVE-2022/CVE-2022-471xx/CVE-2022-47111.json b/CVE-2022/CVE-2022-471xx/CVE-2022-47111.json index dfd9b09eb9a..5e1701657d2 100644 --- a/CVE-2022/CVE-2022-471xx/CVE-2022-47111.json +++ b/CVE-2022/CVE-2022-471xx/CVE-2022-47111.json @@ -2,13 +2,13 @@ "id": "CVE-2022-47111", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-19T21:15:45.217", - "lastModified": "2025-04-19T21:15:45.217", + "lastModified": "2025-04-19T22:15:13.887", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "7-Zip through 24.09 does not report an error for certain invalid xz files, involving block flags and reserved bits." + "value": "7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected." } ], "metrics": { diff --git a/CVE-2022/CVE-2022-471xx/CVE-2022-47112.json b/CVE-2022/CVE-2022-471xx/CVE-2022-47112.json index 89e23e07142..7155caf0049 100644 --- a/CVE-2022/CVE-2022-471xx/CVE-2022-47112.json +++ b/CVE-2022/CVE-2022-471xx/CVE-2022-47112.json @@ -2,13 +2,13 @@ "id": "CVE-2022-47112", "sourceIdentifier": "cve@mitre.org", "published": "2025-04-19T21:15:45.430", - "lastModified": "2025-04-19T21:15:45.430", + "lastModified": "2025-04-19T22:15:13.993", "vulnStatus": "Received", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "7-Zip through 24.09 does not report an error for certain invalid xz files, involving stream flags and reserved bits." + "value": "7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-268xx/CVE-2023-26819.json b/CVE-2023/CVE-2023-268xx/CVE-2023-26819.json new file mode 100644 index 00000000000..7c77e188e06 --- /dev/null +++ b/CVE-2023/CVE-2023-268xx/CVE-2023-26819.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-26819", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-04-19T22:15:14.103", + "lastModified": "2025-04-19T22:15:14.103", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {\"a\": true, \"b\": [ null,9999999999999999999999999999999999999999999999912345678901234567]}." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 2.9, + "baseSeverity": "LOW", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.4, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-440" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/boofish/json_bugs/tree/main/cjson", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30421.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30421.json new file mode 100644 index 00000000000..9bb1de06b19 --- /dev/null +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30421.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2023-30421", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-04-19T22:15:14.240", + "lastModified": "2025-04-19T22:15:14.240", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "mystrtod in mjson 1.2.7 requires more than a billion iterations during processing of certain digit strings such as 8891110122900e913013935755114." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 2.9, + "baseSeverity": "LOW", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.4, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-407" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/boofish/json_bugs/blob/main/mjson", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/cesanta/mjson/releases", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-439xx/CVE-2025-43918.json b/CVE-2025/CVE-2025-439xx/CVE-2025-43918.json new file mode 100644 index 00000000000..2e13739a193 --- /dev/null +++ b/CVE-2025/CVE-2025-439xx/CVE-2025-43918.json @@ -0,0 +1,67 @@ +{ + "id": "CVE-2025-43918", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-04-19T22:15:14.410", + "lastModified": "2025-04-19T23:15:55.097", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "cve@mitre.org", + "tags": [ + "exclusively-hosted-service" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes certificate requests such that a trusted TLS certificate may be issued for the domain name of a requester's email address, even when the requester does not otherwise establish administrative control of that domain." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-348" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1961406", + "source": "cve@mitre.org" + }, + { + "url": "https://news.ycombinator.com/item?id=43738485", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index b4668a1caf6..21ea616f385 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-04-19T22:00:19.774734+00:00 +2025-04-19T23:55:19.493590+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-04-19T21:15:45.660000+00:00 +2025-04-19T23:15:55.097000+00:00 ``` ### Last Data Feed Release @@ -33,24 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -290922 +290925 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `3` -- [CVE-2022-47111](CVE-2022/CVE-2022-471xx/CVE-2022-47111.json) (`2025-04-19T21:15:45.217`) -- [CVE-2022-47112](CVE-2022/CVE-2022-471xx/CVE-2022-47112.json) (`2025-04-19T21:15:45.430`) -- [CVE-2025-3818](CVE-2025/CVE-2025-38xx/CVE-2025-3818.json) (`2025-04-19T20:15:15.037`) -- [CVE-2025-3819](CVE-2025/CVE-2025-38xx/CVE-2025-3819.json) (`2025-04-19T20:15:15.720`) -- [CVE-2025-3820](CVE-2025/CVE-2025-38xx/CVE-2025-3820.json) (`2025-04-19T21:15:45.660`) +- [CVE-2023-26819](CVE-2023/CVE-2023-268xx/CVE-2023-26819.json) (`2025-04-19T22:15:14.103`) +- [CVE-2023-30421](CVE-2023/CVE-2023-304xx/CVE-2023-30421.json) (`2025-04-19T22:15:14.240`) +- [CVE-2025-43918](CVE-2025/CVE-2025-439xx/CVE-2025-43918.json) (`2025-04-19T22:15:14.410`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `2` +- [CVE-2022-47111](CVE-2022/CVE-2022-471xx/CVE-2022-47111.json) (`2025-04-19T22:15:13.887`) +- [CVE-2022-47112](CVE-2022/CVE-2022-471xx/CVE-2022-47112.json) (`2025-04-19T22:15:13.993`) ## Download and Usage diff --git a/_state.csv b/_state.csv index adb80b54c9b..196ae646da7 100644 --- a/_state.csv +++ b/_state.csv @@ -211798,8 +211798,8 @@ CVE-2022-47100,0,0,61b44eddee8762a6a2fbc5232dfffae3bd5197feb64fe25ae2c561a5d6e94 CVE-2022-47102,0,0,78778a4bb3d94b5726f0458f84ce7ac19358c59edaa2cb53c716b499e18add36,2025-04-08T14:15:29.520000 CVE-2022-47105,0,0,05a9e403ed554a6f621694c16e93867c495eff7cdeb788d1685f64b21ecf7f56,2025-04-03T18:15:42.693000 CVE-2022-4711,0,0,43cdf83f4bff51294766f1a74dd3e9d5b0faa7b2bae15729eb7bb4ef4af41e08,2024-11-21T07:35:46.953000 -CVE-2022-47111,1,1,6c86479f586774ef34766c797f77bc12ed32c56d4c14b76ccd2eefe58f5a0ce0,2025-04-19T21:15:45.217000 -CVE-2022-47112,1,1,78d2c620adb143e1de24e63dba35416425ec167aea8f484ebe1acf73931ad2af,2025-04-19T21:15:45.430000 +CVE-2022-47111,0,1,f3df15f94d6a4ee7daaf0ba069bdc54074ef79de860014fc6599d9d0e5ef244c,2025-04-19T22:15:13.887000 +CVE-2022-47112,0,1,82b88cee0dbf7dd8612453eb53ae42f725193bc973d0488f313e973c4a9664de,2025-04-19T22:15:13.993000 CVE-2022-47115,0,0,a3b8fa59c9a6bbe67107d855a9a16d86c4755caa8ba3c9fd5edee049e3e1c14b,2025-04-11T15:15:42.107000 CVE-2022-47116,0,0,bc93e725a0f8541ddf98d21b2e14f4340382ec109d136dea36f4d8cfbbee8693,2025-04-10T18:15:44.877000 CVE-2022-47117,0,0,39892f26bd683962adad460b797fda5f32705c1c82113aec72c6f003f321c78b,2025-04-11T15:15:42.273000 @@ -221652,6 +221652,7 @@ CVE-2023-26812,0,0,405afcd0d18a0ea560dd97c3f75aa90f8bace35b4b99f4dead56b89234a96 CVE-2023-26813,0,0,11a48edd361ce82d55979cd322e105c7033d8d2b582c11ad569e0eed6257a0e0,2025-01-31T17:15:10.587000 CVE-2023-26817,0,0,a28fc1e8c9a47c85d7691afd6b53809be9ed42bf60b3014c09fb3e76588e5632,2025-02-12T21:15:12.297000 CVE-2023-26818,0,0,b63145fb84ce562cc723a09a012de7a28b2829ff563282d82a15395b053b2245,2025-01-21T20:15:28.950000 +CVE-2023-26819,1,1,5246de7b5927e30655efe72b8ccd9c3c0efb0938742908c5643286eb645d8c89,2025-04-19T22:15:14.103000 CVE-2023-2682,0,0,c318a0378cf385338bfa0bdf8fc7f29c3b5838966decd5ec8725a339816ff3fe,2025-01-24T16:15:31.980000 CVE-2023-26820,0,0,c1b2df4f3d711036f9d1df790a72ba4148e747b21132588a6d5e5e60b93d8021,2025-02-12T21:15:12.463000 CVE-2023-26822,0,0,962ffff9470d823e1ee37e85ddd889c14bbf8c919a0b61f3b268dbcf52cf811b,2025-02-11T18:15:24.467000 @@ -224482,6 +224483,7 @@ CVE-2023-30414,0,0,9aa30f715c05fc770bdab088b3113382f1f6aad254f3203431806deea5e66 CVE-2023-30415,0,0,efd35706be955fb3f0568ba745c5a2d63e9e799147ed7a7cf625c154c6aa8f00,2024-11-21T08:00:08.980000 CVE-2023-30417,0,0,4bbe51d65d2d171ff652f5e9fb583606ead4b32a5292bf5364f96b63506dc441,2025-02-03T18:15:32.860000 CVE-2023-3042,0,0,b16a871fe563f5ff9978084a6340a29e23e9ea5a007aa0eef757089d19525361,2024-11-21T08:16:18.480000 +CVE-2023-30421,1,1,d37b60bf1c07964b5eb4bb99dd89ce2cea2d635fabd681e0e980c3a2ddbcc184,2025-04-19T22:15:14.240000 CVE-2023-30428,0,0,796c921fc339a925a61479535f32888a62041d0a503f9cd05f4c423e5afbf4b4,2024-11-21T08:00:09.863000 CVE-2023-30429,0,0,f49e5a24578b988539cd841fe72f5328e40fb964d522f0a8542b561dda280350,2024-11-21T08:00:10.013000 CVE-2023-3043,0,0,631d70ba95a406908ef1589465ca90ed4c82a33f6820bb0218ad403dd391e975,2024-11-21T08:16:18.657000 @@ -290755,9 +290757,9 @@ CVE-2025-38104,0,0,aac46924a4c28c51faaf99f75d4c0a5d0a65a1747d000155ea8b633f4bfe5 CVE-2025-38152,0,0,d2296d820f7f71e71472cf853a8cba12b58f3c84c5429c1618bed2e28567d654,2025-04-18T07:15:43.403000 CVE-2025-3816,0,0,78f306cc7721a97dee4c8df91eedafde6afce929a4e4659a3dce0b00b0222fc5,2025-04-19T18:15:14.580000 CVE-2025-3817,0,0,f43ec164ae30066f99f1b2718e141a59aea2f074c379769d6e8a68efe6a53d56,2025-04-19T19:15:44.947000 -CVE-2025-3818,1,1,becc0d92806ccaaa15c607aa85c5ec6443bc3617d8777f2f23a8a11191e6c7c3,2025-04-19T20:15:15.037000 -CVE-2025-3819,1,1,364377ad54d70df860fc9ec00ab9e1d4d8eb233351a7f92ce1289b9b90b3f645,2025-04-19T20:15:15.720000 -CVE-2025-3820,1,1,bd63f641be19cb790a0f0ceb45fc52d02a8f7828a89af0f8ffc659042a7d1628,2025-04-19T21:15:45.660000 +CVE-2025-3818,0,0,becc0d92806ccaaa15c607aa85c5ec6443bc3617d8777f2f23a8a11191e6c7c3,2025-04-19T20:15:15.037000 +CVE-2025-3819,0,0,364377ad54d70df860fc9ec00ab9e1d4d8eb233351a7f92ce1289b9b90b3f645,2025-04-19T20:15:15.720000 +CVE-2025-3820,0,0,bd63f641be19cb790a0f0ceb45fc52d02a8f7828a89af0f8ffc659042a7d1628,2025-04-19T21:15:45.660000 CVE-2025-38240,0,0,55c3c53507175385d390f4e5f0701155663d7d45488ce3854f0ce48d67d704f4,2025-04-18T07:15:43.510000 CVE-2025-38479,0,0,b2b6ea65e240d4ffeed782b9d037d3b3cf1f0ae1e3ce4a6e40a815527e135169,2025-04-18T07:15:43.613000 CVE-2025-38575,0,0,fc45fd45a431f685538b4001e1e87131d23faf0a16a9209a56843479513a7e70,2025-04-18T07:15:43.717000 @@ -290921,3 +290923,4 @@ CVE-2025-43900,0,0,8ae3246d09152552bbb6cdca3332360753ff66f5c97b078c8130a1d2fe184 CVE-2025-43901,0,0,98878e012cf8d6baa1ac5ec62480882e6fac2e6450aa75eeb2862c95e2d438b9,2025-04-19T03:15:14.487000 CVE-2025-43903,0,0,e5d1b15c49355d90acc1825ad603611c50f01a5b790925f883e01da3dd84b8af,2025-04-18T21:15:44.673000 CVE-2025-43917,0,0,88ad75149c88491db8dc72ead689c318e5e0e483cf1cf93847c68c0ac210662b,2025-04-19T19:15:45.123000 +CVE-2025-43918,1,1,a38d0564ae7c68e052cfb0872e864e60d7da1269179158fbb9d0ee198cde2a04,2025-04-19T23:15:55.097000