From f76e4a64be851047456510c4658418b727c843f8 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 23 Jun 2025 10:04:13 +0000 Subject: [PATCH] Auto-Update: 2025-06-23T10:00:36.196618+00:00 --- CVE-2024/CVE-2024-35xx/CVE-2024-3511.json | 56 +++++++++++++++++++++++ CVE-2025/CVE-2025-60xx/CVE-2025-6019.json | 46 ++----------------- README.md | 22 +++------ _state.csv | 21 +++++---- 4 files changed, 77 insertions(+), 68 deletions(-) create mode 100644 CVE-2024/CVE-2024-35xx/CVE-2024-3511.json diff --git a/CVE-2024/CVE-2024-35xx/CVE-2024-3511.json b/CVE-2024/CVE-2024-35xx/CVE-2024-3511.json new file mode 100644 index 00000000000..3a3d544c7ba --- /dev/null +++ b/CVE-2024/CVE-2024-35xx/CVE-2024-3511.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-3511", + "sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8", + "published": "2025-06-23T09:15:21.580", + "lastModified": "2025-06-23T09:15:21.580", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An incorrect authorization vulnerability exists in multiple WSO2 products that allows unauthorized access to versioned files stored in the registry. Due to flawed authorization logic, a malicious actor with access to the management console can exploit a specific bypass method to retrieve versioned files without proper authorization.\n\nSuccessful exploitation of this vulnerability could lead to unauthorized disclosure of configuration or resource files that may be stored as registry versions, potentially aiding further attacks or system reconnaissance." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ed10eef1-636d-4fbe-9993-6890dfa878f8", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "ed10eef1-636d-4fbe-9993-6890dfa878f8", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-2702/", + "source": "ed10eef1-636d-4fbe-9993-6890dfa878f8" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-60xx/CVE-2025-6019.json b/CVE-2025/CVE-2025-60xx/CVE-2025-6019.json index acc801c0dfa..f7a90cfd9ef 100644 --- a/CVE-2025/CVE-2025-60xx/CVE-2025-6019.json +++ b/CVE-2025/CVE-2025-60xx/CVE-2025-6019.json @@ -2,7 +2,7 @@ "id": "CVE-2025-6019", "sourceIdentifier": "secalert@redhat.com", "published": "2025-06-19T12:15:19.727", - "lastModified": "2025-06-23T07:15:20.783", + "lastModified": "2025-06-19T12:15:19.727", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -19,7 +19,7 @@ "cvssMetricV31": [ { "source": "secalert@redhat.com", - "type": "Secondary", + "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "secalert@redhat.com", - "type": "Secondary", + "type": "Primary", "description": [ { "lang": "en", @@ -52,42 +52,6 @@ } ], "references": [ - { - "url": "https://access.redhat.com/errata/RHSA-2025:9320", - "source": "secalert@redhat.com" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2025:9321", - "source": "secalert@redhat.com" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2025:9322", - "source": "secalert@redhat.com" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2025:9323", - "source": "secalert@redhat.com" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2025:9324", - "source": "secalert@redhat.com" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2025:9325", - "source": "secalert@redhat.com" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2025:9326", - "source": "secalert@redhat.com" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2025:9327", - "source": "secalert@redhat.com" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2025:9328", - "source": "secalert@redhat.com" - }, { "url": "https://access.redhat.com/security/cve/CVE-2025-6019", "source": "secalert@redhat.com" @@ -96,10 +60,6 @@ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370051", "source": "secalert@redhat.com" }, - { - "url": "https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt", - "source": "secalert@redhat.com" - }, { "url": "http://www.openwall.com/lists/oss-security/2025/06/17/5", "source": "af854a3a-2127-422b-91ae-364da2661108" diff --git a/README.md b/README.md index 20d47682d58..f83abbd9757 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-23T08:00:21.154082+00:00 +2025-06-23T10:00:36.196618+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-23T07:15:20.783000+00:00 +2025-06-23T09:15:21.580000+00:00 ``` ### Last Data Feed Release @@ -33,29 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -299062 +299063 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `1` +- [CVE-2024-3511](CVE-2024/CVE-2024-35xx/CVE-2024-3511.json) (`2025-06-23T09:15:21.580`) ### CVEs modified in the last Commit -Recently modified CVEs: `10` +Recently modified CVEs: `1` -- [CVE-2025-4478](CVE-2025/CVE-2025-44xx/CVE-2025-4478.json) (`2025-06-23T07:15:20.640`) -- [CVE-2025-48797](CVE-2025/CVE-2025-487xx/CVE-2025-48797.json) (`2025-06-23T07:15:19.273`) -- [CVE-2025-48798](CVE-2025/CVE-2025-487xx/CVE-2025-48798.json) (`2025-06-23T07:15:19.657`) -- [CVE-2025-49175](CVE-2025/CVE-2025-491xx/CVE-2025-49175.json) (`2025-06-23T07:15:19.810`) -- [CVE-2025-49176](CVE-2025/CVE-2025-491xx/CVE-2025-49176.json) (`2025-06-23T07:15:19.967`) -- [CVE-2025-49177](CVE-2025/CVE-2025-491xx/CVE-2025-49177.json) (`2025-06-23T07:15:20.117`) -- [CVE-2025-49178](CVE-2025/CVE-2025-491xx/CVE-2025-49178.json) (`2025-06-23T07:15:20.257`) -- [CVE-2025-49179](CVE-2025/CVE-2025-491xx/CVE-2025-49179.json) (`2025-06-23T07:15:20.387`) -- [CVE-2025-49180](CVE-2025/CVE-2025-491xx/CVE-2025-49180.json) (`2025-06-23T07:15:20.507`) -- [CVE-2025-6019](CVE-2025/CVE-2025-60xx/CVE-2025-6019.json) (`2025-06-23T07:15:20.783`) +- [CVE-2025-6019](CVE-2025/CVE-2025-60xx/CVE-2025-6019.json) (`2025-06-19T12:15:19.727`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 208169e9001..612f301f43f 100644 --- a/_state.csv +++ b/_state.csv @@ -261755,6 +261755,7 @@ CVE-2024-35102,0,0,a3ac6cb938aa7738580fe72bae53eba68e5c5ac83bdf3dd07089a3c2800ee CVE-2024-35106,0,0,b3cbb527e89eeaa447d1de741b34621dea8868efaceae836286cd0a4cc5c9cc1,2025-02-11T16:15:39.913000 CVE-2024-35108,0,0,491ec2260165d7f7d3efd5be494989910741df5aa19c1bf25c8b4a132d685389,2025-04-15T17:02:50.950000 CVE-2024-35109,0,0,8d3fa27f37233d70869ab46151b8c18b411e269cb16c472303eab804df9c5c1b,2025-04-15T17:02:45.973000 +CVE-2024-3511,1,1,569cab0482d5f3732c31388dcd47849461112527e8e05df098fb1cc11f76937a,2025-06-23T09:15:21.580000 CVE-2024-35110,0,0,5befbb4d6ff243e493eb0845590af56b30d55ebed4c9cc3628eccbae22269a4d,2025-06-10T18:32:58.057000 CVE-2024-35111,0,0,32e114bfcb14b5f1a3ca174c51aa1f1f24655b09f1f515c98299c51557856017,2025-03-04T17:45:08.987000 CVE-2024-35112,0,0,3280206f8a84b4c8489cc36e2e9cce1c1682791d1bd75d078ad6e3f08e151b0d,2025-03-04T17:43:28.240000 @@ -295571,7 +295572,7 @@ CVE-2025-4474,0,0,521383e1283ef4d1ff9625642b1a5dc07f9413290fdec0a9acd1e250cd6861 CVE-2025-4475,0,0,14fd175cd338c800e457595a2058771799c1f3a8f146feda826cf08c0646f5cd,2025-05-08T23:15:53.667000 CVE-2025-4476,0,0,e32ef10e7ee74bf8997b5a3acc66e8eaf2de48d03c2aa0ec9fb3efc72c6b8898,2025-05-19T13:35:20.460000 CVE-2025-4477,0,0,5d325fd488fe711c70532dd4f52799a0eeba1df6528fa57f803916528a54f20e,2025-05-19T13:35:20.460000 -CVE-2025-4478,0,1,6ad4f200d83b3b7b6002322aaa14b83209f4ccccadfa9790e9602f3f0ad71980,2025-06-23T07:15:20.640000 +CVE-2025-4478,0,0,6ad4f200d83b3b7b6002322aaa14b83209f4ccccadfa9790e9602f3f0ad71980,2025-06-23T07:15:20.640000 CVE-2025-4479,0,0,77c3b78c5f2785c2220665b558e1b60998dc4a2f1f2c70faa4bf21e165291a9d,2025-06-19T04:15:49.147000 CVE-2025-4480,0,0,be672d537a11a289b7d1b98f279ab333277916180d26385e3402215687d48a25,2025-05-16T15:34:40.510000 CVE-2025-4481,0,0,0fe1448ef925f4ba16b8e05736b526de574a9ed7259d4944c0e5684d261dd60d,2025-05-16T15:34:18.840000 @@ -297402,8 +297403,8 @@ CVE-2025-48792,0,0,2c0b02c33ee81c6b1c7f3bc9767aecae1b833af65e4351c0dd81998c4a119 CVE-2025-48793,0,0,c894ec9ed8b3b5d1fda9891ce2808a0fb7689dd63eec3c7bb7e9e649736a365c,2025-05-27T04:15:41.090000 CVE-2025-48794,0,0,0f60a10fd5bbac90e9e184a916afa3ee1c6a6178325620c93725d026aac184ad,2025-05-27T04:15:41.160000 CVE-2025-48796,0,0,5c467d1a2669d77ceb69e55cea05d09cde2aaa034119240321683e5490565638,2025-05-28T15:01:30.720000 -CVE-2025-48797,0,1,3af0f7dc07bea44e1c69e623e95c376b0540f95a862aab80712ce4b435a32e93,2025-06-23T07:15:19.273000 -CVE-2025-48798,0,1,4798099e1a4ca97c131d1029837635fdafd1caea7fabf5160a1e8c65251311ae,2025-06-23T07:15:19.657000 +CVE-2025-48797,0,0,3af0f7dc07bea44e1c69e623e95c376b0540f95a862aab80712ce4b435a32e93,2025-06-23T07:15:19.273000 +CVE-2025-48798,0,0,4798099e1a4ca97c131d1029837635fdafd1caea7fabf5160a1e8c65251311ae,2025-06-23T07:15:19.657000 CVE-2025-4880,0,0,e66433f376d95dc941d17745f27a53d60427f87111077aee793bacaa1dd21351,2025-05-21T17:33:42.373000 CVE-2025-4881,0,0,3fdda22eaf1afa96c9c6bfb121fd7cc7da116831a6f494c0b7df343d1eed58c4,2025-05-21T19:38:39.660000 CVE-2025-4882,0,0,9ae533a1d17c0bc7b22051d58510b828885d48326cbc794d7bf23ceba43e10c0,2025-05-21T19:38:24.990000 @@ -297590,13 +297591,13 @@ CVE-2025-49162,0,0,30d8f0e974a690ba3faf665b7cd4695ab5fb985c2cad4bb0465fb4c9980fa CVE-2025-49163,0,0,643a72915169b3c81852832f164c7ce28984b32bf8cbac1ededba1c30e43e026,2025-06-04T14:54:33.783000 CVE-2025-49164,0,0,d5b91c5cc8e76d4adf3dda6a9132b65234dcdefc36da28ceddedfd5530304934,2025-06-04T14:54:33.783000 CVE-2025-4917,0,0,402a8702a0d07685076d8d3bbf70a58c8189448c063fea494a0fac6dd2626eee,2025-05-19T17:38:05.883000 -CVE-2025-49175,0,1,cdbb9f8758daff456ef7e9ae4dd5cc8520381ddb69207b01f8c699d1f45c194a,2025-06-23T07:15:19.810000 -CVE-2025-49176,0,1,ed347900b0d47f2a16c4f17c444256fbf6d76b41314f80ef2ddbd44d05621ca2,2025-06-23T07:15:19.967000 -CVE-2025-49177,0,1,1d56d21984347f0dbb44d71fe743cd7551256b21e02bc145de16d3a5c3ae9c6f,2025-06-23T07:15:20.117000 -CVE-2025-49178,0,1,ad4f287e2f12cd36800fbe065d0abfd1e3c50b5c0bac8ac8a8e62a10944b352b,2025-06-23T07:15:20.257000 -CVE-2025-49179,0,1,32597001b0d6f5469da13544dabb94fbf7bc55292de1e04a46d9835e2de21709,2025-06-23T07:15:20.387000 +CVE-2025-49175,0,0,cdbb9f8758daff456ef7e9ae4dd5cc8520381ddb69207b01f8c699d1f45c194a,2025-06-23T07:15:19.810000 +CVE-2025-49176,0,0,ed347900b0d47f2a16c4f17c444256fbf6d76b41314f80ef2ddbd44d05621ca2,2025-06-23T07:15:19.967000 +CVE-2025-49177,0,0,1d56d21984347f0dbb44d71fe743cd7551256b21e02bc145de16d3a5c3ae9c6f,2025-06-23T07:15:20.117000 +CVE-2025-49178,0,0,ad4f287e2f12cd36800fbe065d0abfd1e3c50b5c0bac8ac8a8e62a10944b352b,2025-06-23T07:15:20.257000 +CVE-2025-49179,0,0,32597001b0d6f5469da13544dabb94fbf7bc55292de1e04a46d9835e2de21709,2025-06-23T07:15:20.387000 CVE-2025-4918,0,0,ab4c079e1da6cd4dfa69cf1fcc57b5e852fcef00a973643da3dd71ab3f3ec47e,2025-05-28T14:05:35.853000 -CVE-2025-49180,0,1,99e9da1a4281b2c630500dd895bece3d240bfc43225a83508cd13a184d23a758,2025-06-23T07:15:20.507000 +CVE-2025-49180,0,0,99e9da1a4281b2c630500dd895bece3d240bfc43225a83508cd13a184d23a758,2025-06-23T07:15:20.507000 CVE-2025-49181,0,0,65f8ea01de63d019d8688de775c40b302b8c0b1e44c040e53e46324e69435218,2025-06-12T16:06:20.180000 CVE-2025-49182,0,0,8adc8833944dbbffb6c925bafc811eee2574582f2d7b7b09537e334080770141,2025-06-13T09:15:20.130000 CVE-2025-49183,0,0,c9c3ab65e477d8e9a4d5c9adaf45822d49f0873835d0971680386eb894e72562,2025-06-12T16:06:20.180000 @@ -298770,7 +298771,7 @@ CVE-2025-6007,0,0,ad7217a46edf88f3122f03c09e2fdcfd31382468cbe1002c4a5de402899399 CVE-2025-6008,0,0,cf45d1b8877307f98a5e962959db4dd8b70df84c99522375a10c3d04cde0826f,2025-06-19T01:26:01.867000 CVE-2025-6009,0,0,78abb2d4f36e6029b865859c44e8b3b2ae426316eb8bf2e15ca3e33565c4ca16,2025-06-19T01:25:17.743000 CVE-2025-6012,0,0,26f2f66d87f45d6aa756cc004552cfa11ed42d44708395d664a6658fe8d21b45,2025-06-16T12:32:18.840000 -CVE-2025-6019,0,1,988a24370542db8b46d9b7661174f126ba7b3846279b936a472733b78395f7f1,2025-06-23T07:15:20.783000 +CVE-2025-6019,0,1,ebf4f12bdb263a546c3aea4ef4c7f4363c6b17ec70827c011e272bb086ea941e,2025-06-19T12:15:19.727000 CVE-2025-6020,0,0,439a2d09f05868a64a6818f204c8af8c3741a1aa91da69dac7da1c6864b5ef72,2025-06-17T20:50:23.507000 CVE-2025-6021,0,0,4d6c316d6b2265feaa5a1f1976caab5acbb233a1583e3791720a0a82dcf439c4,2025-06-12T16:06:20.180000 CVE-2025-6029,0,0,e9108be7e98d0780991a9dbc9771d79381463de686ea76ad25b1212ca465841e,2025-06-16T12:32:18.840000