Skip to content

Commit

Permalink
Auto-Update: 2024-02-04T21:00:24.404328+00:00
Browse files Browse the repository at this point in the history
  • Loading branch information
cad-safe-bot committed Feb 4, 2024
1 parent 83a537d commit c7b3e76
Show file tree
Hide file tree
Showing 10 changed files with 144 additions and 22 deletions.
67 changes: 67 additions & 0 deletions CVE-2021/CVE-2021-44xx/CVE-2021-4435.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
{
"id": "CVE-2021-4435",
"sourceIdentifier": "[email protected]",
"published": "2024-02-04T20:15:45.657",
"lastModified": "2024-02-04T20:15:45.657",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An untrusted search path vulnerability was found in Yarn. When a victim runs certain Yarn commands in a directory with attacker-controlled content, malicious commands could be executed in unexpected ways."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2021-4435",
"source": "[email protected]"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262284",
"source": "[email protected]"
},
{
"url": "https://github.com/yarnpkg/yarn/commit/67fcce88935e45092ffa2674c08053f1ef5268a1",
"source": "[email protected]"
},
{
"url": "https://github.com/yarnpkg/yarn/releases/tag/v1.22.13",
"source": "[email protected]"
}
]
}
6 changes: 3 additions & 3 deletions CVE-2023/CVE-2023-523xx/CVE-2023-52355.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
"id": "CVE-2023-52355",
"sourceIdentifier": "[email protected]",
"published": "2024-01-25T20:15:38.353",
"lastModified": "2024-01-31T17:59:49.903",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-04T20:15:45.900",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
Expand Down Expand Up @@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-787"
}
]
}
Expand Down
20 changes: 20 additions & 0 deletions CVE-2023/CVE-2023-524xx/CVE-2023-52425.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
{
"id": "CVE-2023-52425",
"sourceIdentifier": "[email protected]",
"published": "2024-02-04T20:15:46.063",
"lastModified": "2024-02-04T20:15:46.063",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/libexpat/libexpat/pull/789",
"source": "[email protected]"
}
]
}
28 changes: 28 additions & 0 deletions CVE-2023/CVE-2023-524xx/CVE-2023-52426.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
{
"id": "CVE-2023-52426",
"sourceIdentifier": "[email protected]",
"published": "2024-02-04T20:15:46.120",
"lastModified": "2024-02-04T20:15:46.120",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time."
}
],
"metrics": {},
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/776.html",
"source": "[email protected]"
},
{
"url": "https://github.com/libexpat/libexpat/commit/0f075ec8ecb5e43f8fdca5182f8cca4703da0404",
"source": "[email protected]"
},
{
"url": "https://github.com/libexpat/libexpat/pull/777",
"source": "[email protected]"
}
]
}
6 changes: 3 additions & 3 deletions CVE-2023/CVE-2023-62xx/CVE-2023-6291.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
"id": "CVE-2023-6291",
"sourceIdentifier": "[email protected]",
"published": "2024-01-26T15:15:08.280",
"lastModified": "2024-02-03T01:42:08.807",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-04T20:15:46.173",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
Expand Down Expand Up @@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-601"
}
]
}
Expand Down
6 changes: 3 additions & 3 deletions CVE-2023/CVE-2023-64xx/CVE-2023-6476.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
"id": "CVE-2023-6476",
"sourceIdentifier": "[email protected]",
"published": "2024-01-09T22:15:43.610",
"lastModified": "2024-01-18T18:16:25.947",
"vulnStatus": "Analyzed",
"lastModified": "2024-02-04T20:15:46.327",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
Expand Down Expand Up @@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-770"
}
]
}
Expand Down
4 changes: 2 additions & 2 deletions CVE-2023/CVE-2023-68xx/CVE-2023-6816.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"id": "CVE-2023-6816",
"sourceIdentifier": "[email protected]",
"published": "2024-01-18T05:15:08.607",
"lastModified": "2024-01-31T16:15:45.150",
"lastModified": "2024-02-04T20:15:46.477",
"vulnStatus": "Modified",
"descriptions": [
{
Expand Down Expand Up @@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-119"
"value": "CWE-787"
}
]
}
Expand Down
4 changes: 2 additions & 2 deletions CVE-2023/CVE-2023-69xx/CVE-2023-6944.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"id": "CVE-2023-6944",
"sourceIdentifier": "[email protected]",
"published": "2024-01-04T10:15:11.517",
"lastModified": "2024-01-25T16:15:08.177",
"lastModified": "2024-02-04T20:15:46.650",
"vulnStatus": "Modified",
"descriptions": [
{
Expand Down Expand Up @@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "CWE-209"
}
]
}
Expand Down
4 changes: 2 additions & 2 deletions CVE-2023/CVE-2023-71xx/CVE-2023-7192.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"id": "CVE-2023-7192",
"sourceIdentifier": "[email protected]",
"published": "2024-01-02T19:15:11.510",
"lastModified": "2024-01-30T13:15:07.933",
"lastModified": "2024-02-04T20:15:46.787",
"vulnStatus": "Modified",
"descriptions": [
{
Expand Down Expand Up @@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-402"
"value": "CWE-401"
}
]
}
Expand Down
21 changes: 14 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update

```plain
2024-02-04T19:00:25.019691+00:00
2024-02-04T21:00:24.404328+00:00
```

### Most recent CVE Modification Timestamp synchronized with NVD

```plain
2024-02-04T18:16:00.713000+00:00
2024-02-04T20:15:46.787000+00:00
```

### Last Data Feed Release
Expand All @@ -29,21 +29,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs

```plain
237515
237518
```

### CVEs added in the last Commit

Recently added CVEs: `2`
Recently added CVEs: `3`

* [CVE-2018-25098](CVE-2018/CVE-2018-250xx/CVE-2018-25098.json) (`2024-02-04T17:15:07.880`)
* [CVE-2020-36773](CVE-2020/CVE-2020-367xx/CVE-2020-36773.json) (`2024-02-04T18:16:00.713`)
* [CVE-2021-4435](CVE-2021/CVE-2021-44xx/CVE-2021-4435.json) (`2024-02-04T20:15:45.657`)
* [CVE-2023-52425](CVE-2023/CVE-2023-524xx/CVE-2023-52425.json) (`2024-02-04T20:15:46.063`)
* [CVE-2023-52426](CVE-2023/CVE-2023-524xx/CVE-2023-52426.json) (`2024-02-04T20:15:46.120`)


### CVEs modified in the last Commit

Recently modified CVEs: `0`
Recently modified CVEs: `6`

* [CVE-2023-52355](CVE-2023/CVE-2023-523xx/CVE-2023-52355.json) (`2024-02-04T20:15:45.900`)
* [CVE-2023-6291](CVE-2023/CVE-2023-62xx/CVE-2023-6291.json) (`2024-02-04T20:15:46.173`)
* [CVE-2023-6476](CVE-2023/CVE-2023-64xx/CVE-2023-6476.json) (`2024-02-04T20:15:46.327`)
* [CVE-2023-6816](CVE-2023/CVE-2023-68xx/CVE-2023-6816.json) (`2024-02-04T20:15:46.477`)
* [CVE-2023-6944](CVE-2023/CVE-2023-69xx/CVE-2023-6944.json) (`2024-02-04T20:15:46.650`)
* [CVE-2023-7192](CVE-2023/CVE-2023-71xx/CVE-2023-7192.json) (`2024-02-04T20:15:46.787`)


## Download and Usage
Expand Down

0 comments on commit c7b3e76

Please sign in to comment.