Auto-Update: 2025-04-19T23:55:19.493590+00:00

2025-06-19 17:31:42 +00:00 · 2025-04-19 23:58:52 +00:00 · 2025-04-19 23:58:52 +00:00 · cd24822646
commit cd24822646
parent f495f68a87
7 changed files with 205 additions and 19 deletions
--- a/CVE-2022/CVE-2022-471xx/CVE-2022-47111.json
+++ b/CVE-2022/CVE-2022-471xx/CVE-2022-47111.json
@ -2,13 +2,13 @@
  "id": "CVE-2022-47111",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2025-04-19T21:15:45.217",
-  "lastModified": "2025-04-19T21:15:45.217",
+  "lastModified": "2025-04-19T22:15:13.887",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
-      "value": "7-Zip through 24.09 does not report an error for certain invalid xz files, involving block flags and reserved bits."
+      "value": "7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected."
    }
  ],
  "metrics": {
--- a/CVE-2022/CVE-2022-471xx/CVE-2022-47112.json
+++ b/CVE-2022/CVE-2022-471xx/CVE-2022-47112.json
@ -2,13 +2,13 @@
  "id": "CVE-2022-47112",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2025-04-19T21:15:45.430",
-  "lastModified": "2025-04-19T21:15:45.430",
+  "lastModified": "2025-04-19T22:15:13.993",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
-      "value": "7-Zip through 24.09 does not report an error for certain invalid xz files, involving stream flags and reserved bits."
+      "value": "7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected."
    }
  ],
  "metrics": {
--- a/CVE-2023/CVE-2023-268xx/CVE-2023-26819.json
+++ b/CVE-2023/CVE-2023-268xx/CVE-2023-26819.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2023-26819",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-04-19T22:15:14.103",
+  "lastModified": "2025-04-19T22:15:14.103",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {\"a\": true, \"b\": [ null,9999999999999999999999999999999999999999999999912345678901234567]}."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
+          "baseScore": 2.9,
+          "baseSeverity": "LOW",
+          "attackVector": "LOCAL",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 1.4,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-440"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/boofish/json_bugs/tree/main/cjson",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-304xx/CVE-2023-30421.json
+++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30421.json
@ -0,0 +1,60 @@
+{
+  "id": "CVE-2023-30421",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-04-19T22:15:14.240",
+  "lastModified": "2025-04-19T22:15:14.240",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "mystrtod in mjson 1.2.7 requires more than a billion iterations during processing of certain digit strings such as 8891110122900e913013935755114."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
+          "baseScore": 2.9,
+          "baseSeverity": "LOW",
+          "attackVector": "LOCAL",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 1.4,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-407"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/boofish/json_bugs/blob/main/mjson",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/cesanta/mjson/releases",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-439xx/CVE-2025-43918.json
+++ b/CVE-2025/CVE-2025-439xx/CVE-2025-43918.json
@ -0,0 +1,67 @@
+{
+  "id": "CVE-2025-43918",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-04-19T22:15:14.410",
+  "lastModified": "2025-04-19T23:15:55.097",
+  "vulnStatus": "Received",
+  "cveTags": [
+    {
+      "sourceIdentifier": "cve@mitre.org",
+      "tags": [
+        "exclusively-hosted-service"
+      ]
+    }
+  ],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes certificate requests such that a trusted TLS certificate may be issued for the domain name of a requester's email address, even when the requester does not otherwise establish administrative control of that domain."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cve@mitre.org",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-348"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1961406",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://news.ycombinator.com/item?id=43738485",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-04-19T22:00:19.774734+00:00
+2025-04-19T23:55:19.493590+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-04-19T21:15:45.660000+00:00
+2025-04-19T23:15:55.097000+00:00
 ```

 ### Last Data Feed Release
@ -33,24 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-290922
+290925
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `5`
+Recently added CVEs: `3`

- [CVE-2022-47111](CVE-2022/CVE-2022-471xx/CVE-2022-47111.json) (`2025-04-19T21:15:45.217`)
- [CVE-2022-47112](CVE-2022/CVE-2022-471xx/CVE-2022-47112.json) (`2025-04-19T21:15:45.430`)
- [CVE-2025-3818](CVE-2025/CVE-2025-38xx/CVE-2025-3818.json) (`2025-04-19T20:15:15.037`)
- [CVE-2025-3819](CVE-2025/CVE-2025-38xx/CVE-2025-3819.json) (`2025-04-19T20:15:15.720`)
- [CVE-2025-3820](CVE-2025/CVE-2025-38xx/CVE-2025-3820.json) (`2025-04-19T21:15:45.660`)
+- [CVE-2023-26819](CVE-2023/CVE-2023-268xx/CVE-2023-26819.json) (`2025-04-19T22:15:14.103`)
+- [CVE-2023-30421](CVE-2023/CVE-2023-304xx/CVE-2023-30421.json) (`2025-04-19T22:15:14.240`)
+- [CVE-2025-43918](CVE-2025/CVE-2025-439xx/CVE-2025-43918.json) (`2025-04-19T22:15:14.410`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `2`

+- [CVE-2022-47111](CVE-2022/CVE-2022-471xx/CVE-2022-47111.json) (`2025-04-19T22:15:13.887`)
+- [CVE-2022-47112](CVE-2022/CVE-2022-471xx/CVE-2022-47112.json) (`2025-04-19T22:15:13.993`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -211798,8 +211798,8 @@ CVE-2022-47100,0,0,61b44eddee8762a6a2fbc5232dfffae3bd5197feb64fe25ae2c561a5d6e94
 CVE-2022-47102,0,0,78778a4bb3d94b5726f0458f84ce7ac19358c59edaa2cb53c716b499e18add36,2025-04-08T14:15:29.520000
 CVE-2022-47105,0,0,05a9e403ed554a6f621694c16e93867c495eff7cdeb788d1685f64b21ecf7f56,2025-04-03T18:15:42.693000
 CVE-2022-4711,0,0,43cdf83f4bff51294766f1a74dd3e9d5b0faa7b2bae15729eb7bb4ef4af41e08,2024-11-21T07:35:46.953000
-CVE-2022-47111,1,1,6c86479f586774ef34766c797f77bc12ed32c56d4c14b76ccd2eefe58f5a0ce0,2025-04-19T21:15:45.217000
-CVE-2022-47112,1,1,78d2c620adb143e1de24e63dba35416425ec167aea8f484ebe1acf73931ad2af,2025-04-19T21:15:45.430000
+CVE-2022-47111,0,1,f3df15f94d6a4ee7daaf0ba069bdc54074ef79de860014fc6599d9d0e5ef244c,2025-04-19T22:15:13.887000
+CVE-2022-47112,0,1,82b88cee0dbf7dd8612453eb53ae42f725193bc973d0488f313e973c4a9664de,2025-04-19T22:15:13.993000
 CVE-2022-47115,0,0,a3b8fa59c9a6bbe67107d855a9a16d86c4755caa8ba3c9fd5edee049e3e1c14b,2025-04-11T15:15:42.107000
 CVE-2022-47116,0,0,bc93e725a0f8541ddf98d21b2e14f4340382ec109d136dea36f4d8cfbbee8693,2025-04-10T18:15:44.877000
 CVE-2022-47117,0,0,39892f26bd683962adad460b797fda5f32705c1c82113aec72c6f003f321c78b,2025-04-11T15:15:42.273000
@ -221652,6 +221652,7 @@ CVE-2023-26812,0,0,405afcd0d18a0ea560dd97c3f75aa90f8bace35b4b99f4dead56b89234a96
 CVE-2023-26813,0,0,11a48edd361ce82d55979cd322e105c7033d8d2b582c11ad569e0eed6257a0e0,2025-01-31T17:15:10.587000
 CVE-2023-26817,0,0,a28fc1e8c9a47c85d7691afd6b53809be9ed42bf60b3014c09fb3e76588e5632,2025-02-12T21:15:12.297000
 CVE-2023-26818,0,0,b63145fb84ce562cc723a09a012de7a28b2829ff563282d82a15395b053b2245,2025-01-21T20:15:28.950000
+CVE-2023-26819,1,1,5246de7b5927e30655efe72b8ccd9c3c0efb0938742908c5643286eb645d8c89,2025-04-19T22:15:14.103000
 CVE-2023-2682,0,0,c318a0378cf385338bfa0bdf8fc7f29c3b5838966decd5ec8725a339816ff3fe,2025-01-24T16:15:31.980000
 CVE-2023-26820,0,0,c1b2df4f3d711036f9d1df790a72ba4148e747b21132588a6d5e5e60b93d8021,2025-02-12T21:15:12.463000
 CVE-2023-26822,0,0,962ffff9470d823e1ee37e85ddd889c14bbf8c919a0b61f3b268dbcf52cf811b,2025-02-11T18:15:24.467000
@ -224482,6 +224483,7 @@ CVE-2023-30414,0,0,9aa30f715c05fc770bdab088b3113382f1f6aad254f3203431806deea5e66
 CVE-2023-30415,0,0,efd35706be955fb3f0568ba745c5a2d63e9e799147ed7a7cf625c154c6aa8f00,2024-11-21T08:00:08.980000
 CVE-2023-30417,0,0,4bbe51d65d2d171ff652f5e9fb583606ead4b32a5292bf5364f96b63506dc441,2025-02-03T18:15:32.860000
 CVE-2023-3042,0,0,b16a871fe563f5ff9978084a6340a29e23e9ea5a007aa0eef757089d19525361,2024-11-21T08:16:18.480000
+CVE-2023-30421,1,1,d37b60bf1c07964b5eb4bb99dd89ce2cea2d635fabd681e0e980c3a2ddbcc184,2025-04-19T22:15:14.240000
 CVE-2023-30428,0,0,796c921fc339a925a61479535f32888a62041d0a503f9cd05f4c423e5afbf4b4,2024-11-21T08:00:09.863000
 CVE-2023-30429,0,0,f49e5a24578b988539cd841fe72f5328e40fb964d522f0a8542b561dda280350,2024-11-21T08:00:10.013000
 CVE-2023-3043,0,0,631d70ba95a406908ef1589465ca90ed4c82a33f6820bb0218ad403dd391e975,2024-11-21T08:16:18.657000
@ -290755,9 +290757,9 @@ CVE-2025-38104,0,0,aac46924a4c28c51faaf99f75d4c0a5d0a65a1747d000155ea8b633f4bfe5
 CVE-2025-38152,0,0,d2296d820f7f71e71472cf853a8cba12b58f3c84c5429c1618bed2e28567d654,2025-04-18T07:15:43.403000
 CVE-2025-3816,0,0,78f306cc7721a97dee4c8df91eedafde6afce929a4e4659a3dce0b00b0222fc5,2025-04-19T18:15:14.580000
 CVE-2025-3817,0,0,f43ec164ae30066f99f1b2718e141a59aea2f074c379769d6e8a68efe6a53d56,2025-04-19T19:15:44.947000
-CVE-2025-3818,1,1,becc0d92806ccaaa15c607aa85c5ec6443bc3617d8777f2f23a8a11191e6c7c3,2025-04-19T20:15:15.037000
-CVE-2025-3819,1,1,364377ad54d70df860fc9ec00ab9e1d4d8eb233351a7f92ce1289b9b90b3f645,2025-04-19T20:15:15.720000
-CVE-2025-3820,1,1,bd63f641be19cb790a0f0ceb45fc52d02a8f7828a89af0f8ffc659042a7d1628,2025-04-19T21:15:45.660000
+CVE-2025-3818,0,0,becc0d92806ccaaa15c607aa85c5ec6443bc3617d8777f2f23a8a11191e6c7c3,2025-04-19T20:15:15.037000
+CVE-2025-3819,0,0,364377ad54d70df860fc9ec00ab9e1d4d8eb233351a7f92ce1289b9b90b3f645,2025-04-19T20:15:15.720000
+CVE-2025-3820,0,0,bd63f641be19cb790a0f0ceb45fc52d02a8f7828a89af0f8ffc659042a7d1628,2025-04-19T21:15:45.660000
 CVE-2025-38240,0,0,55c3c53507175385d390f4e5f0701155663d7d45488ce3854f0ce48d67d704f4,2025-04-18T07:15:43.510000
 CVE-2025-38479,0,0,b2b6ea65e240d4ffeed782b9d037d3b3cf1f0ae1e3ce4a6e40a815527e135169,2025-04-18T07:15:43.613000
 CVE-2025-38575,0,0,fc45fd45a431f685538b4001e1e87131d23faf0a16a9209a56843479513a7e70,2025-04-18T07:15:43.717000
@ -290921,3 +290923,4 @@ CVE-2025-43900,0,0,8ae3246d09152552bbb6cdca3332360753ff66f5c97b078c8130a1d2fe184
 CVE-2025-43901,0,0,98878e012cf8d6baa1ac5ec62480882e6fac2e6450aa75eeb2862c95e2d438b9,2025-04-19T03:15:14.487000
 CVE-2025-43903,0,0,e5d1b15c49355d90acc1825ad603611c50f01a5b790925f883e01da3dd84b8af,2025-04-18T21:15:44.673000
 CVE-2025-43917,0,0,88ad75149c88491db8dc72ead689c318e5e0e483cf1cf93847c68c0ac210662b,2025-04-19T19:15:45.123000
+CVE-2025-43918,1,1,a38d0564ae7c68e052cfb0872e864e60d7da1269179158fbb9d0ee198cde2a04,2025-04-19T23:15:55.097000