diff --git a/cves/2021/39xxx/CVE-2021-39822.json b/cves/2021/39xxx/CVE-2021-39822.json index 8ccdcc494164..90394a607073 100644 --- a/cves/2021/39xxx/CVE-2021-39822.json +++ b/cves/2021/39xxx/CVE-2021-39822.json @@ -8,7 +8,7 @@ "assignerShortName": "adobe", "dateReserved": "2021-08-23T20:02:58.048Z", "datePublished": "2023-07-20T06:23:11.876Z", - "dateUpdated": "2024-08-04T02:20:33.378Z" + "dateUpdated": "2025-03-05T18:48:29.280Z" }, "containers": { "cna": { @@ -124,6 +124,38 @@ "url": "https://helpx.adobe.com/security/products/indesign/apsb21-73.html" } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:36:29.177722Z", + "id": "CVE-2021-39822", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:48:29.280Z" + } } ] } diff --git a/cves/2021/41xxx/CVE-2021-41613.json b/cves/2021/41xxx/CVE-2021-41613.json index 765fd69c34bb..0b7c539713ad 100644 --- a/cves/2021/41xxx/CVE-2021-41613.json +++ b/cves/2021/41xxx/CVE-2021-41613.json @@ -6,16 +6,16 @@ "cveId": "CVE-2021-41613", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2024-08-04T03:15:29.065Z", - "dateReserved": "2021-09-25T00:00:00", - "datePublished": "2023-04-18T00:00:00" + "dateUpdated": "2025-03-05T18:48:53.005Z", + "dateReserved": "2021-09-25T00:00:00.000Z", + "datePublished": "2023-04-18T00:00:00.000Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", - "dateUpdated": "2023-04-18T00:00:00" + "dateUpdated": "2023-04-18T00:00:00.000Z" }, "descriptions": [ { @@ -77,6 +77,65 @@ ] } ] + }, + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "lang": "en", + "description": "CWE-noinfo Not enough information" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 4.3, + "attackVector": "NETWORK", + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "integrityImpact": "LOW", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "NONE", + "privilegesRequired": "LOW", + "confidentialityImpact": "NONE" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-02-12T15:43:47.612323Z", + "id": "CVE-2021-41613", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:48:53.005Z" + } } ] } diff --git a/cves/2022/2xxx/CVE-2022-2502.json b/cves/2022/2xxx/CVE-2022-2502.json index 48c33041e72f..91d88723b832 100644 --- a/cves/2022/2xxx/CVE-2022-2502.json +++ b/cves/2022/2xxx/CVE-2022-2502.json @@ -8,7 +8,7 @@ "assignerShortName": "Hitachi Energy", "dateReserved": "2022-07-21T06:25:31.199Z", "datePublished": "2023-07-26T05:25:27.002Z", - "dateUpdated": "2024-09-24T15:29:49.528Z" + "dateUpdated": "2025-03-05T18:47:06.707Z" }, "containers": { "cna": { @@ -173,6 +173,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:38:29.193487Z", + "id": "CVE-2022-2502", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:47:06.707Z" + } } ] } diff --git a/cves/2022/44xxx/CVE-2022-44451.json b/cves/2022/44xxx/CVE-2022-44451.json index b9bcef80a050..839320198e2c 100644 --- a/cves/2022/44xxx/CVE-2022-44451.json +++ b/cves/2022/44xxx/CVE-2022-44451.json @@ -8,7 +8,7 @@ "assignerShortName": "talos", "dateReserved": "2022-11-28T20:45:28.765Z", "datePublished": "2023-07-21T20:25:39.864Z", - "dateUpdated": "2024-08-03T13:54:03.506Z" + "dateUpdated": "2025-03-05T18:48:22.079Z" }, "containers": { "cna": { @@ -102,6 +102,38 @@ "shortName": "CVE", "dateUpdated": "2024-08-03T13:54:03.506Z" } + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:44:21.467044Z", + "id": "CVE-2022-44451", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:48:22.079Z" + } } ] } diff --git a/cves/2022/4xxx/CVE-2022-4608.json b/cves/2022/4xxx/CVE-2022-4608.json index ac1dda1e2091..5fe0301b539a 100644 --- a/cves/2022/4xxx/CVE-2022-4608.json +++ b/cves/2022/4xxx/CVE-2022-4608.json @@ -8,7 +8,7 @@ "assignerShortName": "Hitachi Energy", "dateReserved": "2022-12-19T09:46:30.033Z", "datePublished": "2023-07-26T05:26:42.720Z", - "dateUpdated": "2024-09-24T15:33:42.351Z" + "dateUpdated": "2025-03-05T18:46:44.864Z" }, "containers": { "cna": { @@ -173,6 +173,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:38:26.416457Z", + "id": "CVE-2022-4608", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:46:44.864Z" + } } ] } diff --git a/cves/2023/1xxx/CVE-2023-1325.json b/cves/2023/1xxx/CVE-2023-1325.json index 4658b0beea7b..7798632b3bb7 100644 --- a/cves/2023/1xxx/CVE-2023-1325.json +++ b/cves/2023/1xxx/CVE-2023-1325.json @@ -8,7 +8,7 @@ "assignerShortName": "WPScan", "dateReserved": "2023-03-10T16:04:46.132Z", "datePublished": "2023-04-17T12:17:39.963Z", - "dateUpdated": "2024-08-02T05:40:59.805Z" + "dateUpdated": "2025-03-05T18:49:52.470Z" }, "containers": { "cna": { @@ -99,6 +99,66 @@ ] } ] + }, + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-79", + "lang": "en", + "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "CHANGED", + "version": "3.1", + "baseScore": 5.4, + "attackVector": "NETWORK", + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "integrityImpact": "LOW", + "userInteraction": "REQUIRED", + "attackComplexity": "LOW", + "availabilityImpact": "NONE", + "privilegesRequired": "LOW", + "confidentialityImpact": "LOW" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-02-12T17:45:53.579783Z", + "id": "CVE-2023-1325", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:49:52.470Z" + } } ] } diff --git a/cves/2023/22xxx/CVE-2023-22435.json b/cves/2023/22xxx/CVE-2023-22435.json index 76f8649d0707..61aeba349d86 100644 --- a/cves/2023/22xxx/CVE-2023-22435.json +++ b/cves/2023/22xxx/CVE-2023-22435.json @@ -8,7 +8,7 @@ "assignerShortName": "Honeywell", "dateReserved": "2023-02-28T23:51:16.667Z", "datePublished": "2023-07-13T10:53:44.794Z", - "dateUpdated": "2024-08-02T10:07:06.538Z" + "dateUpdated": "2025-03-05T18:51:02.643Z" }, "containers": { "cna": { @@ -247,6 +247,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:38:47.736506Z", + "id": "CVE-2023-22435", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:51:02.643Z" + } } ] } diff --git a/cves/2023/23xxx/CVE-2023-23585.json b/cves/2023/23xxx/CVE-2023-23585.json index e32cc9cc7b3f..b83ae100206d 100644 --- a/cves/2023/23xxx/CVE-2023-23585.json +++ b/cves/2023/23xxx/CVE-2023-23585.json @@ -8,7 +8,7 @@ "assignerShortName": "Honeywell", "dateReserved": "2023-02-28T23:51:16.629Z", "datePublished": "2023-07-13T10:54:59.559Z", - "dateUpdated": "2024-08-02T10:35:33.423Z" + "dateUpdated": "2025-03-05T18:50:52.406Z" }, "containers": { "cna": { @@ -247,6 +247,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:40:01.205939Z", + "id": "CVE-2023-23585", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:50:52.406Z" + } } ] } diff --git a/cves/2023/24xxx/CVE-2023-24480.json b/cves/2023/24xxx/CVE-2023-24480.json index 5ad4c8ee77a0..07f893570806 100644 --- a/cves/2023/24xxx/CVE-2023-24480.json +++ b/cves/2023/24xxx/CVE-2023-24480.json @@ -8,7 +8,7 @@ "assignerShortName": "Honeywell", "dateReserved": "2023-02-28T23:51:16.652Z", "datePublished": "2023-07-13T10:57:46.879Z", - "dateUpdated": "2024-08-02T10:56:04.112Z" + "dateUpdated": "2025-03-05T18:50:43.950Z" }, "containers": { "cna": { @@ -178,6 +178,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:39:59.649573Z", + "id": "CVE-2023-24480", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:50:43.950Z" + } } ] } diff --git a/cves/2023/24xxx/CVE-2023-24657.json b/cves/2023/24xxx/CVE-2023-24657.json index a0d8d58a201f..605dc07ea4c7 100644 --- a/cves/2023/24xxx/CVE-2023-24657.json +++ b/cves/2023/24xxx/CVE-2023-24657.json @@ -6,16 +6,16 @@ "cveId": "CVE-2023-24657", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2024-08-02T11:03:19.049Z", - "dateReserved": "2023-01-30T00:00:00", - "datePublished": "2023-03-08T00:00:00" + "dateUpdated": "2025-03-05T18:47:09.193Z", + "dateReserved": "2023-01-30T00:00:00.000Z", + "datePublished": "2023-03-08T00:00:00.000Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", - "dateUpdated": "2023-03-08T00:00:00" + "dateUpdated": "2023-03-08T00:00:00.000Z" }, "descriptions": [ { @@ -68,6 +68,66 @@ ] } ] + }, + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-79", + "lang": "en", + "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "CHANGED", + "version": "3.1", + "baseScore": 6.1, + "attackVector": "NETWORK", + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "integrityImpact": "LOW", + "userInteraction": "REQUIRED", + "attackComplexity": "LOW", + "availabilityImpact": "NONE", + "privilegesRequired": "NONE", + "confidentialityImpact": "LOW" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:46:36.441308Z", + "id": "CVE-2023-24657", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:47:09.193Z" + } } ] } diff --git a/cves/2023/24xxx/CVE-2023-24773.json b/cves/2023/24xxx/CVE-2023-24773.json index 4a1cae94a38e..d62d4a6f1d5a 100644 --- a/cves/2023/24xxx/CVE-2023-24773.json +++ b/cves/2023/24xxx/CVE-2023-24773.json @@ -6,16 +6,16 @@ "cveId": "CVE-2023-24773", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2024-08-02T11:03:19.040Z", - "dateReserved": "2023-01-30T00:00:00", - "datePublished": "2023-03-08T00:00:00" + "dateUpdated": "2025-03-05T18:46:11.194Z", + "dateReserved": "2023-01-30T00:00:00.000Z", + "datePublished": "2023-03-08T00:00:00.000Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", - "dateUpdated": "2023-03-08T00:00:00" + "dateUpdated": "2023-03-08T00:00:00.000Z" }, "descriptions": [ { @@ -68,6 +68,66 @@ ] } ] + }, + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-89", + "lang": "en", + "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 9.8, + "attackVector": "NETWORK", + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "HIGH", + "privilegesRequired": "NONE", + "confidentialityImpact": "HIGH" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:46:07.164762Z", + "id": "CVE-2023-24773", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:46:11.194Z" + } } ] } diff --git a/cves/2023/24xxx/CVE-2023-24777.json b/cves/2023/24xxx/CVE-2023-24777.json index 991edb1ed96a..a11d23749ae0 100644 --- a/cves/2023/24xxx/CVE-2023-24777.json +++ b/cves/2023/24xxx/CVE-2023-24777.json @@ -6,16 +6,16 @@ "cveId": "CVE-2023-24777", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2024-08-02T11:03:19.244Z", - "dateReserved": "2023-01-30T00:00:00", - "datePublished": "2023-03-08T00:00:00" + "dateUpdated": "2025-03-05T18:43:50.322Z", + "dateReserved": "2023-01-30T00:00:00.000Z", + "datePublished": "2023-03-08T00:00:00.000Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", - "dateUpdated": "2023-03-08T00:00:00" + "dateUpdated": "2023-03-08T00:00:00.000Z" }, "descriptions": [ { @@ -68,6 +68,66 @@ ] } ] + }, + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-89", + "lang": "en", + "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 9.8, + "attackVector": "NETWORK", + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "HIGH", + "privilegesRequired": "NONE", + "confidentialityImpact": "HIGH" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:43:26.045009Z", + "id": "CVE-2023-24777", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:43:50.322Z" + } } ] } diff --git a/cves/2023/25xxx/CVE-2023-25078.json b/cves/2023/25xxx/CVE-2023-25078.json index 2e353971f222..093a0b5d6b53 100644 --- a/cves/2023/25xxx/CVE-2023-25078.json +++ b/cves/2023/25xxx/CVE-2023-25078.json @@ -8,7 +8,7 @@ "assignerShortName": "Honeywell", "dateReserved": "2023-02-28T23:51:16.636Z", "datePublished": "2023-07-13T10:58:33.546Z", - "dateUpdated": "2024-08-02T11:11:43.708Z" + "dateUpdated": "2025-03-05T18:50:35.930Z" }, "containers": { "cna": { @@ -247,6 +247,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:39:58.130317Z", + "id": "CVE-2023-25078", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:50:35.930Z" + } } ] } diff --git a/cves/2023/25xxx/CVE-2023-25178.json b/cves/2023/25xxx/CVE-2023-25178.json index 63ae484e435b..7a59dc43c991 100644 --- a/cves/2023/25xxx/CVE-2023-25178.json +++ b/cves/2023/25xxx/CVE-2023-25178.json @@ -8,7 +8,7 @@ "assignerShortName": "Honeywell", "dateReserved": "2023-02-28T23:51:16.663Z", "datePublished": "2023-07-13T10:59:16.333Z", - "dateUpdated": "2024-08-02T11:18:35.746Z" + "dateUpdated": "2025-03-05T18:50:28.752Z" }, "containers": { "cna": { @@ -178,6 +178,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:39:56.713815Z", + "id": "CVE-2023-25178", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:50:28.752Z" + } } ] } diff --git a/cves/2023/25xxx/CVE-2023-25948.json b/cves/2023/25xxx/CVE-2023-25948.json index e5e09dcf7627..57af2eddb047 100644 --- a/cves/2023/25xxx/CVE-2023-25948.json +++ b/cves/2023/25xxx/CVE-2023-25948.json @@ -8,7 +8,7 @@ "assignerShortName": "Honeywell", "dateReserved": "2023-02-28T23:51:16.642Z", "datePublished": "2023-07-13T11:09:30.893Z", - "dateUpdated": "2024-08-02T11:39:06.184Z" + "dateUpdated": "2025-03-05T18:50:14.570Z" }, "containers": { "cna": { @@ -247,6 +247,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:38:39.637263Z", + "id": "CVE-2023-25948", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:50:14.570Z" + } } ] } diff --git a/cves/2023/26xxx/CVE-2023-26597.json b/cves/2023/26xxx/CVE-2023-26597.json index c1ffea4e98a8..91f9ad940e8f 100644 --- a/cves/2023/26xxx/CVE-2023-26597.json +++ b/cves/2023/26xxx/CVE-2023-26597.json @@ -8,7 +8,7 @@ "assignerShortName": "Honeywell", "dateReserved": "2023-02-28T23:51:16.647Z", "datePublished": "2023-07-13T11:04:55.153Z", - "dateUpdated": "2024-08-02T11:53:53.803Z" + "dateUpdated": "2025-03-05T18:50:22.725Z" }, "containers": { "cna": { @@ -178,6 +178,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:38:43.280343Z", + "id": "CVE-2023-26597", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:50:22.725Z" + } } ] } diff --git a/cves/2023/29xxx/CVE-2023-29308.json b/cves/2023/29xxx/CVE-2023-29308.json index a0ab33381244..26ca2739e794 100644 --- a/cves/2023/29xxx/CVE-2023-29308.json +++ b/cves/2023/29xxx/CVE-2023-29308.json @@ -8,7 +8,7 @@ "assignerShortName": "adobe", "dateReserved": "2023-04-04T20:46:42.579Z", "datePublished": "2023-07-12T15:56:53.091Z", - "dateUpdated": "2024-08-02T14:07:45.432Z" + "dateUpdated": "2025-03-05T18:51:35.998Z" }, "containers": { "cna": { @@ -124,6 +124,38 @@ "url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html" } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:36:34.932658Z", + "id": "CVE-2023-29308", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:51:35.998Z" + } } ] } diff --git a/cves/2023/29xxx/CVE-2023-29311.json b/cves/2023/29xxx/CVE-2023-29311.json index c4268e8e01ae..0bb0252fd9a8 100644 --- a/cves/2023/29xxx/CVE-2023-29311.json +++ b/cves/2023/29xxx/CVE-2023-29311.json @@ -8,7 +8,7 @@ "assignerShortName": "adobe", "dateReserved": "2023-04-04T20:46:42.579Z", "datePublished": "2023-07-12T15:56:55.577Z", - "dateUpdated": "2024-08-02T14:07:45.866Z" + "dateUpdated": "2025-03-05T18:51:13.144Z" }, "containers": { "cna": { @@ -124,6 +124,38 @@ "url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html" } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:35:04.588075Z", + "id": "CVE-2023-29311", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:51:13.144Z" + } } ] } diff --git a/cves/2023/29xxx/CVE-2023-29312.json b/cves/2023/29xxx/CVE-2023-29312.json index 1faa649792ba..5cf8172a8dc0 100644 --- a/cves/2023/29xxx/CVE-2023-29312.json +++ b/cves/2023/29xxx/CVE-2023-29312.json @@ -8,7 +8,7 @@ "assignerShortName": "adobe", "dateReserved": "2023-04-04T20:46:42.579Z", "datePublished": "2023-07-12T15:56:53.906Z", - "dateUpdated": "2024-08-02T14:07:45.623Z" + "dateUpdated": "2025-03-05T18:51:28.170Z" }, "containers": { "cna": { @@ -124,6 +124,38 @@ "url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html" } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:35:10.356703Z", + "id": "CVE-2023-29312", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:51:28.170Z" + } } ] } diff --git a/cves/2023/29xxx/CVE-2023-29314.json b/cves/2023/29xxx/CVE-2023-29314.json index 6a146b4a031f..fe9dc36f1b50 100644 --- a/cves/2023/29xxx/CVE-2023-29314.json +++ b/cves/2023/29xxx/CVE-2023-29314.json @@ -8,7 +8,7 @@ "assignerShortName": "adobe", "dateReserved": "2023-04-04T20:46:42.581Z", "datePublished": "2023-07-12T15:56:54.814Z", - "dateUpdated": "2024-08-02T14:07:45.514Z" + "dateUpdated": "2025-03-05T18:51:21.477Z" }, "containers": { "cna": { @@ -124,6 +124,38 @@ "url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html" } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:35:07.206620Z", + "id": "CVE-2023-29314", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:51:21.477Z" + } } ] } diff --git a/cves/2023/29xxx/CVE-2023-29854.json b/cves/2023/29xxx/CVE-2023-29854.json index 8047945df4c9..50d428fe35b9 100644 --- a/cves/2023/29xxx/CVE-2023-29854.json +++ b/cves/2023/29xxx/CVE-2023-29854.json @@ -6,16 +6,16 @@ "cveId": "CVE-2023-29854", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2024-08-02T14:14:39.950Z", - "dateReserved": "2023-04-07T00:00:00", - "datePublished": "2023-04-18T00:00:00" + "dateUpdated": "2025-03-05T18:48:04.048Z", + "dateReserved": "2023-04-07T00:00:00.000Z", + "datePublished": "2023-04-18T00:00:00.000Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", - "dateUpdated": "2023-04-18T00:00:00" + "dateUpdated": "2023-04-18T00:00:00.000Z" }, "descriptions": [ { @@ -68,6 +68,66 @@ ] } ] + }, + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-79", + "lang": "en", + "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "CHANGED", + "version": "3.1", + "baseScore": 6.1, + "attackVector": "NETWORK", + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "integrityImpact": "LOW", + "userInteraction": "REQUIRED", + "attackComplexity": "LOW", + "availabilityImpact": "NONE", + "privilegesRequired": "NONE", + "confidentialityImpact": "LOW" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:47:53.873581Z", + "id": "CVE-2023-29854", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:48:04.048Z" + } } ] } diff --git a/cves/2023/2xxx/CVE-2023-2860.json b/cves/2023/2xxx/CVE-2023-2860.json index 97460585af06..9ed04b6354d0 100644 --- a/cves/2023/2xxx/CVE-2023-2860.json +++ b/cves/2023/2xxx/CVE-2023-2860.json @@ -8,7 +8,7 @@ "assignerShortName": "redhat", "dateReserved": "2023-05-24T07:11:24.194Z", "datePublished": "2023-07-24T15:19:18.473Z", - "dateUpdated": "2024-08-02T06:33:05.705Z" + "dateUpdated": "2025-03-05T18:47:56.873Z" }, "containers": { "cna": { @@ -156,7 +156,7 @@ "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18511" } ], - "datePublic": "2022-09-05T00:00:00+00:00", + "datePublic": "2022-09-05T00:00:00.000Z", "problemTypes": [ { "descriptions": [ @@ -221,6 +221,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:34:11.695046Z", + "id": "CVE-2023-2860", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:47:56.873Z" + } } ] } diff --git a/cves/2023/2xxx/CVE-2023-2913.json b/cves/2023/2xxx/CVE-2023-2913.json index 0a71df1a7d50..ff1e31385855 100644 --- a/cves/2023/2xxx/CVE-2023-2913.json +++ b/cves/2023/2xxx/CVE-2023-2913.json @@ -8,7 +8,7 @@ "assignerShortName": "Rockwell", "dateReserved": "2023-05-26T13:21:35.457Z", "datePublished": "2023-07-18T19:52:45.214Z", - "dateUpdated": "2024-08-02T06:41:03.654Z" + "dateUpdated": "2025-03-05T18:48:42.077Z" }, "containers": { "cna": { @@ -146,6 +146,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:38:36.636854Z", + "id": "CVE-2023-2913", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:48:42.077Z" + } } ] } diff --git a/cves/2023/32xxx/CVE-2023-32258.json b/cves/2023/32xxx/CVE-2023-32258.json index 9f79397e3871..0441b24989a7 100644 --- a/cves/2023/32xxx/CVE-2023-32258.json +++ b/cves/2023/32xxx/CVE-2023-32258.json @@ -8,7 +8,7 @@ "assignerShortName": "redhat", "dateReserved": "2023-05-05T10:00:07.896Z", "datePublished": "2023-07-24T15:19:26.475Z", - "dateUpdated": "2024-08-02T15:10:23.945Z" + "dateUpdated": "2025-03-05T18:47:42.142Z" }, "containers": { "cna": { @@ -159,7 +159,7 @@ "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20796/" } ], - "datePublic": "2023-05-04T00:00:00+00:00", + "datePublic": "2023-05-04T00:00:00.000Z", "problemTypes": [ { "descriptions": [ @@ -230,6 +230,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:36:15.111100Z", + "id": "CVE-2023-32258", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:47:42.142Z" + } } ] } diff --git a/cves/2023/33xxx/CVE-2023-33012.json b/cves/2023/33xxx/CVE-2023-33012.json index 61feb92467ad..ecb965f06bd2 100644 --- a/cves/2023/33xxx/CVE-2023-33012.json +++ b/cves/2023/33xxx/CVE-2023-33012.json @@ -8,7 +8,7 @@ "assignerShortName": "Zyxel", "dateReserved": "2023-05-17T02:56:16.623Z", "datePublished": "2023-07-17T17:23:26.370Z", - "dateUpdated": "2024-08-02T15:32:46.561Z" + "dateUpdated": "2025-03-05T18:48:53.862Z" }, "containers": { "cna": { @@ -138,35 +138,35 @@ }, "adp": [ { - "title": "CISA ADP Vulnrichment", "metrics": [ { "other": { "type": "ssvc", "content": { - "timestamp": "2023-07-31T00:00:00+00:00", + "timestamp": "2025-03-05T18:36:32.109342Z", + "id": "CVE-2023-33012", "options": [ { - "Exploitation": "poc" + "Exploitation": "none" }, { - "Automatable": "yes" + "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", - "version": "2.0.3", - "id": "CVE-2023-33012" + "version": "2.0.3" } } } ], + "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", - "dateUpdated": "2024-07-10T03:55:13.069Z" + "dateUpdated": "2025-03-05T18:48:53.862Z" } }, { diff --git a/cves/2023/37xxx/CVE-2023-37920.json b/cves/2023/37xxx/CVE-2023-37920.json index 14d67fca2adc..0735babb45c0 100644 --- a/cves/2023/37xxx/CVE-2023-37920.json +++ b/cves/2023/37xxx/CVE-2023-37920.json @@ -8,7 +8,7 @@ "assignerShortName": "GitHub_M", "dateReserved": "2023-07-10T17:51:29.612Z", "datePublished": "2023-07-25T20:45:35.286Z", - "dateUpdated": "2025-02-13T17:01:37.615Z" + "dateUpdated": "2025-03-05T18:47:15.819Z" }, "containers": { "cna": { @@ -140,6 +140,38 @@ "shortName": "CVE", "dateUpdated": "2024-09-12T16:02:55.011Z" } + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:38:32.972572Z", + "id": "CVE-2023-37920", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:47:15.819Z" + } } ] } diff --git a/cves/2023/3xxx/CVE-2023-3609.json b/cves/2023/3xxx/CVE-2023-3609.json index 113116a376d7..1c03251c7b7e 100644 --- a/cves/2023/3xxx/CVE-2023-3609.json +++ b/cves/2023/3xxx/CVE-2023-3609.json @@ -8,7 +8,7 @@ "assignerShortName": "Google", "dateReserved": "2023-07-10T20:52:53.660Z", "datePublished": "2023-07-21T20:47:12.172Z", - "dateUpdated": "2025-02-13T16:56:14.409Z" + "dateUpdated": "2025-03-05T18:48:12.763Z" }, "containers": { "cna": { @@ -192,6 +192,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:36:26.184616Z", + "id": "CVE-2023-3609", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:48:12.763Z" + } } ] } diff --git a/cves/2023/3xxx/CVE-2023-3640.json b/cves/2023/3xxx/CVE-2023-3640.json index 60cbaecf805e..3b999942be32 100644 --- a/cves/2023/3xxx/CVE-2023-3640.json +++ b/cves/2023/3xxx/CVE-2023-3640.json @@ -8,7 +8,7 @@ "assignerShortName": "redhat", "dateReserved": "2023-07-12T15:37:45.552Z", "datePublished": "2023-07-24T15:19:29.983Z", - "dateUpdated": "2025-02-07T02:04:06.160Z" + "dateUpdated": "2025-03-05T18:47:35.627Z" }, "containers": { "cna": { @@ -207,6 +207,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:36:10.948159Z", + "id": "CVE-2023-3640", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:47:35.627Z" + } } ] } diff --git a/cves/2023/3xxx/CVE-2023-3773.json b/cves/2023/3xxx/CVE-2023-3773.json index a353dec3773a..0008d2feb781 100644 --- a/cves/2023/3xxx/CVE-2023-3773.json +++ b/cves/2023/3xxx/CVE-2023-3773.json @@ -8,7 +8,7 @@ "assignerShortName": "redhat", "dateReserved": "2023-07-19T13:55:13.694Z", "datePublished": "2023-07-25T15:47:40.391Z", - "dateUpdated": "2024-11-21T19:43:27.525Z" + "dateUpdated": "2025-03-05T18:47:25.761Z" }, "containers": { "cna": { @@ -178,7 +178,7 @@ ] } ], - "datePublic": "2023-07-23T00:00:00+00:00", + "datePublic": "2023-07-23T00:00:00.000Z", "problemTypes": [ { "descriptions": [ @@ -264,6 +264,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:33:27.598158Z", + "id": "CVE-2023-3773", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:47:25.761Z" + } } ] } diff --git a/cves/2023/3xxx/CVE-2023-3776.json b/cves/2023/3xxx/CVE-2023-3776.json index 47d8b8a4ff54..d55122ab0aea 100644 --- a/cves/2023/3xxx/CVE-2023-3776.json +++ b/cves/2023/3xxx/CVE-2023-3776.json @@ -8,7 +8,7 @@ "assignerShortName": "Google", "dateReserved": "2023-07-19T15:50:20.757Z", "datePublished": "2023-07-21T20:49:53.667Z", - "dateUpdated": "2025-02-13T17:01:35.230Z" + "dateUpdated": "2025-03-05T18:48:04.229Z" }, "containers": { "cna": { @@ -209,6 +209,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:36:21.985284Z", + "id": "CVE-2023-3776", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:48:04.229Z" + } } ] } diff --git a/cves/2023/3xxx/CVE-2023-3812.json b/cves/2023/3xxx/CVE-2023-3812.json index 912f4e5f46bb..96beeeee2f24 100644 --- a/cves/2023/3xxx/CVE-2023-3812.json +++ b/cves/2023/3xxx/CVE-2023-3812.json @@ -8,7 +8,7 @@ "assignerShortName": "redhat", "dateReserved": "2023-07-20T13:02:44.826Z", "datePublished": "2023-07-24T15:19:21.817Z", - "dateUpdated": "2024-11-15T16:30:01.571Z" + "dateUpdated": "2025-03-05T18:47:48.945Z" }, "containers": { "cna": { @@ -778,7 +778,7 @@ "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0" } ], - "datePublic": "2022-10-22T00:00:00+00:00", + "datePublic": "2022-10-22T00:00:00.000Z", "problemTypes": [ { "descriptions": [ @@ -1056,6 +1056,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:36:18.926997Z", + "id": "CVE-2023-3812", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:47:48.945Z" + } } ] } diff --git a/cves/2023/4xxx/CVE-2023-4010.json b/cves/2023/4xxx/CVE-2023-4010.json index fcdab080180b..c3866750f74e 100644 --- a/cves/2023/4xxx/CVE-2023-4010.json +++ b/cves/2023/4xxx/CVE-2023-4010.json @@ -8,7 +8,7 @@ "assignerShortName": "redhat", "dateReserved": "2023-07-31T08:37:42.318Z", "datePublished": "2023-07-31T16:22:24.371Z", - "dateUpdated": "2025-02-07T04:14:58.709Z" + "dateUpdated": "2025-03-05T18:46:36.643Z" }, "containers": { "cna": { @@ -210,6 +210,38 @@ ] } ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:41:14.299917Z", + "id": "CVE-2023-4010", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:46:36.643Z" + } } ] } diff --git a/cves/2024/48xxx/CVE-2024-48246.json b/cves/2024/48xxx/CVE-2024-48246.json new file mode 100644 index 000000000000..4c3b73f128a4 --- /dev/null +++ b/cves/2024/48xxx/CVE-2024-48246.json @@ -0,0 +1,56 @@ +{ + "dataType": "CVE_RECORD", + "cveMetadata": { + "state": "PUBLISHED", + "cveId": "CVE-2024-48246", + "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", + "assignerShortName": "mitre", + "dateUpdated": "2025-03-05T18:45:35.663Z", + "dateReserved": "2024-10-08T00:00:00.000Z", + "datePublished": "2025-03-05T00:00:00.000Z" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", + "shortName": "mitre", + "dateUpdated": "2025-03-05T18:45:35.663Z" + }, + "descriptions": [ + { + "lang": "en", + "value": "Vehicle Management System 1.0 contains a Stored Cross-Site Scripting (XSS) vulnerability in the \"Name\" parameter of /vehicle-management/booking.php." + } + ], + "affected": [ + { + "vendor": "n/a", + "product": "n/a", + "versions": [ + { + "version": "n/a", + "status": "affected" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/ShadowByte1/CVE-2024-48246" + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "type": "text", + "lang": "en", + "description": "n/a" + } + ] + } + ] + } + }, + "dataVersion": "5.1" +} \ No newline at end of file diff --git a/cves/2024/55xxx/CVE-2024-55570.json b/cves/2024/55xxx/CVE-2024-55570.json index 0694b383fc57..0cfdebf92cb3 100644 --- a/cves/2024/55xxx/CVE-2024-55570.json +++ b/cves/2024/55xxx/CVE-2024-55570.json @@ -5,7 +5,7 @@ "cveId": "CVE-2024-55570", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2025-03-03T16:11:14.843Z", + "dateUpdated": "2025-03-05T18:40:53.784Z", "dateReserved": "2024-12-09T00:00:00.000Z", "datePublished": "2025-03-03T00:00:00.000Z" }, @@ -53,7 +53,69 @@ ] } ] - } + }, + "adp": [ + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-266", + "lang": "en", + "description": "CWE-266 Incorrect Privilege Assignment" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 5.4, + "attackVector": "NETWORK", + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "integrityImpact": "LOW", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "NONE", + "privilegesRequired": "LOW", + "confidentialityImpact": "LOW" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-04T19:22:52.567556Z", + "id": "CVE-2024-55570", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:40:53.784Z" + } + } + ] }, "dataVersion": "5.1" } \ No newline at end of file diff --git a/cves/2025/25xxx/CVE-2025-25343.json b/cves/2025/25xxx/CVE-2025-25343.json index 4dbfe3267f20..78b9b62bc731 100644 --- a/cves/2025/25xxx/CVE-2025-25343.json +++ b/cves/2025/25xxx/CVE-2025-25343.json @@ -5,7 +5,7 @@ "cveId": "CVE-2025-25343", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2025-02-12T18:38:41.413Z", + "dateUpdated": "2025-03-05T18:41:55.555Z", "dateReserved": "2025-02-07T00:00:00.000Z", "datePublished": "2025-02-12T00:00:00.000Z" }, @@ -50,7 +50,69 @@ ] } ] - } + }, + "adp": [ + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-120", + "lang": "en", + "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 9.8, + "attackVector": "NETWORK", + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "HIGH", + "privilegesRequired": "NONE", + "confidentialityImpact": "HIGH" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-02-19T15:36:34.434839Z", + "id": "CVE-2025-25343", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:41:55.555Z" + } + } + ] }, "dataVersion": "5.1" } \ No newline at end of file diff --git a/cves/2025/25xxx/CVE-2025-25349.json b/cves/2025/25xxx/CVE-2025-25349.json index 32b0112b3db8..c1e7632b152c 100644 --- a/cves/2025/25xxx/CVE-2025-25349.json +++ b/cves/2025/25xxx/CVE-2025-25349.json @@ -5,7 +5,7 @@ "cveId": "CVE-2025-25349", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2025-02-12T15:40:21.200Z", + "dateUpdated": "2025-03-05T18:47:17.213Z", "dateReserved": "2025-02-07T00:00:00.000Z", "datePublished": "2025-02-12T00:00:00.000Z" }, @@ -50,7 +50,69 @@ ] } ] - } + }, + "adp": [ + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-89", + "lang": "en", + "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 9.8, + "attackVector": "NETWORK", + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "HIGH", + "privilegesRequired": "NONE", + "confidentialityImpact": "HIGH" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:46:50.976363Z", + "id": "CVE-2025-25349", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:47:17.213Z" + } + } + ] }, "dataVersion": "5.1" } \ No newline at end of file diff --git a/cves/2025/25xxx/CVE-2025-25741.json b/cves/2025/25xxx/CVE-2025-25741.json index 45852dd18588..831a77cdca51 100644 --- a/cves/2025/25xxx/CVE-2025-25741.json +++ b/cves/2025/25xxx/CVE-2025-25741.json @@ -5,7 +5,7 @@ "cveId": "CVE-2025-25741", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2025-02-12T17:28:43.745Z", + "dateUpdated": "2025-03-05T18:43:02.808Z", "dateReserved": "2025-02-07T00:00:00.000Z", "datePublished": "2025-02-12T00:00:00.000Z" }, @@ -50,7 +50,69 @@ ] } ] - } + }, + "adp": [ + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-121", + "lang": "en", + "description": "CWE-121 Stack-based Buffer Overflow" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 5.4, + "attackVector": "NETWORK", + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "integrityImpact": "LOW", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "NONE", + "privilegesRequired": "LOW", + "confidentialityImpact": "LOW" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-02-19T16:46:16.891291Z", + "id": "CVE-2025-25741", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:43:02.808Z" + } + } + ] }, "dataVersion": "5.1" } \ No newline at end of file diff --git a/cves/2025/25xxx/CVE-2025-25742.json b/cves/2025/25xxx/CVE-2025-25742.json index 5f9f445ef5ec..54b42ad1d0e9 100644 --- a/cves/2025/25xxx/CVE-2025-25742.json +++ b/cves/2025/25xxx/CVE-2025-25742.json @@ -5,7 +5,7 @@ "cveId": "CVE-2025-25742", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2025-02-12T16:49:06.619Z", + "dateUpdated": "2025-03-05T18:46:07.947Z", "dateReserved": "2025-02-07T00:00:00.000Z", "datePublished": "2025-02-12T00:00:00.000Z" }, @@ -50,7 +50,69 @@ ] } ] - } + }, + "adp": [ + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-787", + "lang": "en", + "description": "CWE-787 Out-of-bounds Write" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 9.8, + "attackVector": "NETWORK", + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "HIGH", + "privilegesRequired": "NONE", + "confidentialityImpact": "HIGH" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:45:55.497915Z", + "id": "CVE-2025-25742", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:46:07.947Z" + } + } + ] }, "dataVersion": "5.1" } \ No newline at end of file diff --git a/cves/2025/25xxx/CVE-2025-25743.json b/cves/2025/25xxx/CVE-2025-25743.json index 6f525271a454..9c3485200fb2 100644 --- a/cves/2025/25xxx/CVE-2025-25743.json +++ b/cves/2025/25xxx/CVE-2025-25743.json @@ -5,7 +5,7 @@ "cveId": "CVE-2025-25743", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2025-02-12T17:01:08.980Z", + "dateUpdated": "2025-03-05T18:45:20.344Z", "dateReserved": "2025-02-07T00:00:00.000Z", "datePublished": "2025-02-12T00:00:00.000Z" }, @@ -50,7 +50,69 @@ ] } ] - } + }, + "adp": [ + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-77", + "lang": "en", + "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 7.2, + "attackVector": "NETWORK", + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "HIGH", + "privilegesRequired": "HIGH", + "confidentialityImpact": "HIGH" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:44:42.436707Z", + "id": "CVE-2025-25743", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:45:20.344Z" + } + } + ] }, "dataVersion": "5.1" } \ No newline at end of file diff --git a/cves/2025/25xxx/CVE-2025-25744.json b/cves/2025/25xxx/CVE-2025-25744.json index 42e7605d57dc..b39e36fd78cf 100644 --- a/cves/2025/25xxx/CVE-2025-25744.json +++ b/cves/2025/25xxx/CVE-2025-25744.json @@ -5,7 +5,7 @@ "cveId": "CVE-2025-25744", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2025-02-12T16:59:11.634Z", + "dateUpdated": "2025-03-05T18:44:01.180Z", "dateReserved": "2025-02-07T00:00:00.000Z", "datePublished": "2025-02-12T00:00:00.000Z" }, @@ -50,7 +50,69 @@ ] } ] - } + }, + "adp": [ + { + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-787", + "lang": "en", + "description": "CWE-787 Out-of-bounds Write" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 9.8, + "attackVector": "NETWORK", + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "HIGH", + "privilegesRequired": "NONE", + "confidentialityImpact": "HIGH" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:43:38.288059Z", + "id": "CVE-2025-25744", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:44:01.180Z" + } + } + ] }, "dataVersion": "5.1" } \ No newline at end of file diff --git a/cves/2025/27xxx/CVE-2025-27513.json b/cves/2025/27xxx/CVE-2025-27513.json index 9126661d7ad7..bc0b050baf84 100644 --- a/cves/2025/27xxx/CVE-2025-27513.json +++ b/cves/2025/27xxx/CVE-2025-27513.json @@ -8,7 +8,7 @@ "assignerShortName": "GitHub_M", "dateReserved": "2025-02-26T18:11:52.306Z", "datePublished": "2025-03-05T18:12:25.867Z", - "dateUpdated": "2025-03-05T18:19:02.492Z" + "dateUpdated": "2025-03-05T18:45:40.868Z" }, "containers": { "cna": { @@ -86,6 +86,40 @@ "advisory": "GHSA-8785-wc3w-h8q6", "discovery": "UNKNOWN" } - } + }, + "adp": [ + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-05T18:45:23.860236Z", + "id": "CVE-2025-27513", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-05T18:45:40.868Z" + } + } + ] } } \ No newline at end of file diff --git a/cves/2025/27xxx/CVE-2025-27515.json b/cves/2025/27xxx/CVE-2025-27515.json new file mode 100644 index 000000000000..29d53d6fd326 --- /dev/null +++ b/cves/2025/27xxx/CVE-2025-27515.json @@ -0,0 +1,98 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2025-27515", + "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", + "state": "PUBLISHED", + "assignerShortName": "GitHub_M", + "dateReserved": "2025-02-26T18:11:52.307Z", + "datePublished": "2025-03-05T18:45:50.101Z", + "dateUpdated": "2025-03-05T18:45:50.101Z" + }, + "containers": { + "cna": { + "title": "Laravel has a File Validation Bypass", + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-155", + "lang": "en", + "description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols", + "type": "CWE" + } + ] + } + ], + "metrics": [ + { + "cvssV4_0": { + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", + "version": "4.0" + } + } + ], + "references": [ + { + "name": "https://github.com/laravel/framework/security/advisories/GHSA-78fx-h6xr-vch4", + "tags": [ + "x_refsource_CONFIRM" + ], + "url": "https://github.com/laravel/framework/security/advisories/GHSA-78fx-h6xr-vch4" + }, + { + "name": "https://github.com/laravel/framework/commit/2d133034fefddfb047838f4caca3687a3ba811a5", + "tags": [ + "x_refsource_MISC" + ], + "url": "https://github.com/laravel/framework/commit/2d133034fefddfb047838f4caca3687a3ba811a5" + } + ], + "affected": [ + { + "vendor": "laravel", + "product": "framework", + "versions": [ + { + "version": ">= 12.0.0, < 12.1.1", + "status": "affected" + }, + { + "version": "< 11.44.1", + "status": "affected" + } + ] + } + ], + "providerMetadata": { + "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", + "shortName": "GitHub_M", + "dateUpdated": "2025-03-05T18:45:50.101Z" + }, + "descriptions": [ + { + "lang": "en", + "value": "Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1." + } + ], + "source": { + "advisory": "GHSA-78fx-h6xr-vch4", + "discovery": "UNKNOWN" + } + } + } +} \ No newline at end of file