From 24d6b0ebbdfe8809be18049975f3230a31ef62f2 Mon Sep 17 00:00:00 2001 From: cvelistV5 Github Action Date: Fri, 3 Jan 2025 05:21:48 +0000 Subject: [PATCH] 1 changes (0 new | 1 updated): - 0 new CVEs: - 1 updated CVEs: CVE-2025-22275 --- cves/2025/22xxx/CVE-2025-22275.json | 69 ++++++++++++++++++++++------- cves/delta.json | 8 ++-- cves/deltaLog.json | 14 ++++++ 3 files changed, 70 insertions(+), 21 deletions(-) diff --git a/cves/2025/22xxx/CVE-2025-22275.json b/cves/2025/22xxx/CVE-2025-22275.json index 503c7e74f1cf..e4b8c1c65817 100644 --- a/cves/2025/22xxx/CVE-2025-22275.json +++ b/cves/2025/22xxx/CVE-2025-22275.json @@ -5,35 +5,50 @@ "cveId": "CVE-2025-22275", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", - "dateUpdated": "2025-01-03T05:03:35.916195", + "dateUpdated": "2025-01-03T05:15:59.688Z", "dateReserved": "2025-01-03T00:00:00", "datePublished": "2025-01-03T00:00:00" }, "containers": { "cna": { - "providerMetadata": { - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre", - "dateUpdated": "2025-01-03T05:03:35.916195" - }, + "affected": [ + { + "defaultStatus": "unaffected", + "product": "iTerm2", + "vendor": "iTerm2", + "versions": [ + { + "lessThan": "3.5.11", + "status": "affected", + "version": "3.5.6", + "versionType": "semver" + } + ] + } + ], "descriptions": [ { "lang": "en", "value": "iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation." } ], - "affected": [ + "problemTypes": [ { - "vendor": "n/a", - "product": "n/a", - "versions": [ + "descriptions": [ { - "version": "n/a", - "status": "affected" + "cweId": "CWE-532", + "description": "CWE-532 Insertion of Sensitive Information into Log File", + "lang": "en", + "type": "CWE" } ] } ], + "providerMetadata": { + "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", + "shortName": "mitre", + "dateUpdated": "2025-01-03T05:15:59.688Z" + }, "references": [ { "url": "https://iterm2.com/downloads/stable/iTerm2-3_5_11.changelog" @@ -42,13 +57,33 @@ "url": "https://news.ycombinator.com/item?id=42579472" } ], - "problemTypes": [ + "x_generator": { + "engine": "enrichogram 0.0.1" + }, + "metrics": [ { - "descriptions": [ + "cvssV3_1": { + "version": "3.1", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" + } + } + ], + "cpeApplicability": [ + { + "nodes": [ { - "type": "text", - "lang": "en", - "description": "n/a" + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:iterm2:iterm2:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.5.6", + "versionEndExcluding": "3.5.11" + } + ] } ] } diff --git a/cves/delta.json b/cves/delta.json index 23971f137546..821530be985d 100644 --- a/cves/delta.json +++ b/cves/delta.json @@ -1,14 +1,14 @@ { - "fetchTime": "2025-01-03T05:11:20.747Z", + "fetchTime": "2025-01-03T05:21:37.315Z", "numberOfChanges": 1, - "new": [ + "new": [], + "updated": [ { "cveId": "CVE-2025-22275", "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2025-22275", "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/22xxx/CVE-2025-22275.json", - "dateUpdated": "2025-01-03T05:03:35.916195" + "dateUpdated": "2025-01-03T05:15:59.688Z" } ], - "updated": [], "error": [] } \ No newline at end of file diff --git a/cves/deltaLog.json b/cves/deltaLog.json index f584345ac321..b1b5df815a1b 100644 --- a/cves/deltaLog.json +++ b/cves/deltaLog.json @@ -1,4 +1,18 @@ [ + { + "fetchTime": "2025-01-03T05:21:37.315Z", + "numberOfChanges": 1, + "new": [], + "updated": [ + { + "cveId": "CVE-2025-22275", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2025-22275", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/22xxx/CVE-2025-22275.json", + "dateUpdated": "2025-01-03T05:15:59.688Z" + } + ], + "error": [] + }, { "fetchTime": "2025-01-03T05:11:20.747Z", "numberOfChanges": 1,