From 13956c7e2b7529cd47458266d2418085e6595892 Mon Sep 17 00:00:00 2001 From: gitadvisor Date: Wed, 15 Jan 2025 11:16:57 +0000 Subject: [PATCH] generated content from 2025-01-15 --- mapping.csv | 15 +++++++++++++ ...-246f388d-dedd-4607-85e9-fc53bc15839f.json | 22 +++++++++++++++++++ ...-288a0e63-6a99-488c-8fe9-85b2a3d718fe.json | 22 +++++++++++++++++++ ...-293b570f-25a9-470d-8832-9e17ae74c4fb.json | 22 +++++++++++++++++++ ...-3b862653-01e3-40ac-94e4-807fe8f48a98.json | 22 +++++++++++++++++++ ...-42531fc5-4203-4966-88b9-e042cfee9232.json | 22 +++++++++++++++++++ ...-4da24cd4-b451-4556-9936-b62a72269354.json | 22 +++++++++++++++++++ ...-4e6d033f-c003-4eb0-916d-470402ef827c.json | 22 +++++++++++++++++++ ...-73f2505a-d930-40c4-b11f-6047eb60814e.json | 22 +++++++++++++++++++ ...-825d1908-d371-4a4f-a1bd-96f0bad306d1.json | 22 +++++++++++++++++++ ...-a1f940d9-221b-434d-9f50-0afaa5013590.json | 22 +++++++++++++++++++ ...-a7ef149e-3e57-47bd-abd3-ce022276a0fa.json | 22 +++++++++++++++++++ ...-af7d2e46-7dfa-4e7d-9645-5ca0b6137997.json | 22 +++++++++++++++++++ ...-b869bea9-af28-4525-bc4d-d980fe75886c.json | 22 +++++++++++++++++++ ...-c296acbb-34cf-4778-bc81-c8f8a225c22f.json | 22 +++++++++++++++++++ ...-c30503fe-39b9-435d-9ad9-021ca9b49466.json | 22 +++++++++++++++++++ 16 files changed, 345 insertions(+) create mode 100644 objects/vulnerability/vulnerability--246f388d-dedd-4607-85e9-fc53bc15839f.json create mode 100644 objects/vulnerability/vulnerability--288a0e63-6a99-488c-8fe9-85b2a3d718fe.json create mode 100644 objects/vulnerability/vulnerability--293b570f-25a9-470d-8832-9e17ae74c4fb.json create mode 100644 objects/vulnerability/vulnerability--3b862653-01e3-40ac-94e4-807fe8f48a98.json create mode 100644 objects/vulnerability/vulnerability--42531fc5-4203-4966-88b9-e042cfee9232.json create mode 100644 objects/vulnerability/vulnerability--4da24cd4-b451-4556-9936-b62a72269354.json create mode 100644 objects/vulnerability/vulnerability--4e6d033f-c003-4eb0-916d-470402ef827c.json create mode 100644 objects/vulnerability/vulnerability--73f2505a-d930-40c4-b11f-6047eb60814e.json create mode 100644 objects/vulnerability/vulnerability--825d1908-d371-4a4f-a1bd-96f0bad306d1.json create mode 100644 objects/vulnerability/vulnerability--a1f940d9-221b-434d-9f50-0afaa5013590.json create mode 100644 objects/vulnerability/vulnerability--a7ef149e-3e57-47bd-abd3-ce022276a0fa.json create mode 100644 objects/vulnerability/vulnerability--af7d2e46-7dfa-4e7d-9645-5ca0b6137997.json create mode 100644 objects/vulnerability/vulnerability--b869bea9-af28-4525-bc4d-d980fe75886c.json create mode 100644 objects/vulnerability/vulnerability--c296acbb-34cf-4778-bc81-c8f8a225c22f.json create mode 100644 objects/vulnerability/vulnerability--c30503fe-39b9-435d-9ad9-021ca9b49466.json diff --git a/mapping.csv b/mapping.csv index 9493b64c43..4d0f70b137 100644 --- a/mapping.csv +++ b/mapping.csv @@ -263662,3 +263662,18 @@ vulnerability,CVE-2024-12818,vulnerability--20f7cce9-3d59-445e-810a-b33e47a3ca69 vulnerability,CVE-2024-12423,vulnerability--ee067756-7e41-4c91-ac08-dd047878b047 vulnerability,CVE-2024-12403,vulnerability--6fed957b-c7cf-4f90-bbe1-9e65be33b555 vulnerability,CVE-2024-10775,vulnerability--404ae974-9337-4151-a127-8e8e8183d7f5 +vulnerability,CVE-2024-35280,vulnerability--288a0e63-6a99-488c-8fe9-85b2a3d718fe +vulnerability,CVE-2024-12297,vulnerability--3b862653-01e3-40ac-94e4-807fe8f48a98 +vulnerability,CVE-2025-0446,vulnerability--825d1908-d371-4a4f-a1bd-96f0bad306d1 +vulnerability,CVE-2025-0434,vulnerability--246f388d-dedd-4607-85e9-fc53bc15839f +vulnerability,CVE-2025-0438,vulnerability--42531fc5-4203-4966-88b9-e042cfee9232 +vulnerability,CVE-2025-0448,vulnerability--a7ef149e-3e57-47bd-abd3-ce022276a0fa +vulnerability,CVE-2025-0436,vulnerability--a1f940d9-221b-434d-9f50-0afaa5013590 +vulnerability,CVE-2025-0435,vulnerability--4e6d033f-c003-4eb0-916d-470402ef827c +vulnerability,CVE-2025-0447,vulnerability--73f2505a-d930-40c4-b11f-6047eb60814e +vulnerability,CVE-2025-0439,vulnerability--c296acbb-34cf-4778-bc81-c8f8a225c22f +vulnerability,CVE-2025-0442,vulnerability--293b570f-25a9-470d-8832-9e17ae74c4fb +vulnerability,CVE-2025-0437,vulnerability--af7d2e46-7dfa-4e7d-9645-5ca0b6137997 +vulnerability,CVE-2025-0440,vulnerability--4da24cd4-b451-4556-9936-b62a72269354 +vulnerability,CVE-2025-0443,vulnerability--c30503fe-39b9-435d-9ad9-021ca9b49466 +vulnerability,CVE-2025-0441,vulnerability--b869bea9-af28-4525-bc4d-d980fe75886c diff --git a/objects/vulnerability/vulnerability--246f388d-dedd-4607-85e9-fc53bc15839f.json b/objects/vulnerability/vulnerability--246f388d-dedd-4607-85e9-fc53bc15839f.json new file mode 100644 index 0000000000..d9c1ed10b9 --- /dev/null +++ b/objects/vulnerability/vulnerability--246f388d-dedd-4607-85e9-fc53bc15839f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--13638187-55b5-4523-9aa2-2ca54bfe1451", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--246f388d-dedd-4607-85e9-fc53bc15839f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.489408Z", + "modified": "2025-01-15T11:16:41.489408Z", + "name": "CVE-2025-0434", + "description": "Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0434" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--288a0e63-6a99-488c-8fe9-85b2a3d718fe.json b/objects/vulnerability/vulnerability--288a0e63-6a99-488c-8fe9-85b2a3d718fe.json new file mode 100644 index 0000000000..f409de4d93 --- /dev/null +++ b/objects/vulnerability/vulnerability--288a0e63-6a99-488c-8fe9-85b2a3d718fe.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--86959f82-19e4-4567-80e5-183eb0c4ac89", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--288a0e63-6a99-488c-8fe9-85b2a3d718fe", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:35.559888Z", + "modified": "2025-01-15T11:16:35.559888Z", + "name": "CVE-2024-35280", + "description": "A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiDeceptor 3.x all versions, 4.x all versions, 5.0 all versions, 5.1 all versions, version 5.2.0, and version 5.3.0 may allow an attacker to perform a reflected cross-site scripting attack in the recovery endpoints", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-35280" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--293b570f-25a9-470d-8832-9e17ae74c4fb.json b/objects/vulnerability/vulnerability--293b570f-25a9-470d-8832-9e17ae74c4fb.json new file mode 100644 index 0000000000..d8dd03c898 --- /dev/null +++ b/objects/vulnerability/vulnerability--293b570f-25a9-470d-8832-9e17ae74c4fb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9e793337-6e0c-41b8-a1dd-b9912e0e4c4b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--293b570f-25a9-470d-8832-9e17ae74c4fb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.505969Z", + "modified": "2025-01-15T11:16:41.505969Z", + "name": "CVE-2025-0442", + "description": "Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0442" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3b862653-01e3-40ac-94e4-807fe8f48a98.json b/objects/vulnerability/vulnerability--3b862653-01e3-40ac-94e4-807fe8f48a98.json new file mode 100644 index 0000000000..2822775ed9 --- /dev/null +++ b/objects/vulnerability/vulnerability--3b862653-01e3-40ac-94e4-807fe8f48a98.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6e85af56-257a-444e-9361-ad8f1fc14d51", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3b862653-01e3-40ac-94e4-807fe8f48a98", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:36.574837Z", + "modified": "2025-01-15T11:16:36.574837Z", + "name": "CVE-2024-12297", + "description": "Moxa’s Ethernet switch EDS-508A Series, running firmware version 3.11 and earlier, is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in its implementation. These vulnerabilities may enable brute-force attacks to guess valid credentials or MD5 collision attacks to forge authentication hashes, potentially compromising the security of the device.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-12297" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--42531fc5-4203-4966-88b9-e042cfee9232.json b/objects/vulnerability/vulnerability--42531fc5-4203-4966-88b9-e042cfee9232.json new file mode 100644 index 0000000000..72904a897a --- /dev/null +++ b/objects/vulnerability/vulnerability--42531fc5-4203-4966-88b9-e042cfee9232.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d01bb369-e57a-4370-9f43-7bf175c1639f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--42531fc5-4203-4966-88b9-e042cfee9232", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.491213Z", + "modified": "2025-01-15T11:16:41.491213Z", + "name": "CVE-2025-0438", + "description": "Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0438" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4da24cd4-b451-4556-9936-b62a72269354.json b/objects/vulnerability/vulnerability--4da24cd4-b451-4556-9936-b62a72269354.json new file mode 100644 index 0000000000..cce9f9bbaa --- /dev/null +++ b/objects/vulnerability/vulnerability--4da24cd4-b451-4556-9936-b62a72269354.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--eaa097b3-9f89-433a-8789-3f4fa924de99", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4da24cd4-b451-4556-9936-b62a72269354", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.511247Z", + "modified": "2025-01-15T11:16:41.511247Z", + "name": "CVE-2025-0440", + "description": "Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0440" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4e6d033f-c003-4eb0-916d-470402ef827c.json b/objects/vulnerability/vulnerability--4e6d033f-c003-4eb0-916d-470402ef827c.json new file mode 100644 index 0000000000..552e55bb23 --- /dev/null +++ b/objects/vulnerability/vulnerability--4e6d033f-c003-4eb0-916d-470402ef827c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9ceb5d66-9ad9-4fb5-bf80-b1f6a4b731c8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4e6d033f-c003-4eb0-916d-470402ef827c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.49867Z", + "modified": "2025-01-15T11:16:41.49867Z", + "name": "CVE-2025-0435", + "description": "Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0435" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--73f2505a-d930-40c4-b11f-6047eb60814e.json b/objects/vulnerability/vulnerability--73f2505a-d930-40c4-b11f-6047eb60814e.json new file mode 100644 index 0000000000..9b8e59be5d --- /dev/null +++ b/objects/vulnerability/vulnerability--73f2505a-d930-40c4-b11f-6047eb60814e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0914e1c8-39bc-46fd-9023-66f94f0c7a2b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--73f2505a-d930-40c4-b11f-6047eb60814e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.502979Z", + "modified": "2025-01-15T11:16:41.502979Z", + "name": "CVE-2025-0447", + "description": "Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0447" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--825d1908-d371-4a4f-a1bd-96f0bad306d1.json b/objects/vulnerability/vulnerability--825d1908-d371-4a4f-a1bd-96f0bad306d1.json new file mode 100644 index 0000000000..0b75753d4f --- /dev/null +++ b/objects/vulnerability/vulnerability--825d1908-d371-4a4f-a1bd-96f0bad306d1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--78f76a87-5880-49fe-99c6-626e2daf6e90", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--825d1908-d371-4a4f-a1bd-96f0bad306d1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.47561Z", + "modified": "2025-01-15T11:16:41.47561Z", + "name": "CVE-2025-0446", + "description": "Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0446" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a1f940d9-221b-434d-9f50-0afaa5013590.json b/objects/vulnerability/vulnerability--a1f940d9-221b-434d-9f50-0afaa5013590.json new file mode 100644 index 0000000000..a9914b5606 --- /dev/null +++ b/objects/vulnerability/vulnerability--a1f940d9-221b-434d-9f50-0afaa5013590.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8ba5a442-e464-44a1-a79c-d7bacba52f7e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a1f940d9-221b-434d-9f50-0afaa5013590", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.497321Z", + "modified": "2025-01-15T11:16:41.497321Z", + "name": "CVE-2025-0436", + "description": "Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0436" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a7ef149e-3e57-47bd-abd3-ce022276a0fa.json b/objects/vulnerability/vulnerability--a7ef149e-3e57-47bd-abd3-ce022276a0fa.json new file mode 100644 index 0000000000..aa8d8ec274 --- /dev/null +++ b/objects/vulnerability/vulnerability--a7ef149e-3e57-47bd-abd3-ce022276a0fa.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bc3a71b5-7dae-4288-bf9c-8650e26247b2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a7ef149e-3e57-47bd-abd3-ce022276a0fa", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.494132Z", + "modified": "2025-01-15T11:16:41.494132Z", + "name": "CVE-2025-0448", + "description": "Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0448" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--af7d2e46-7dfa-4e7d-9645-5ca0b6137997.json b/objects/vulnerability/vulnerability--af7d2e46-7dfa-4e7d-9645-5ca0b6137997.json new file mode 100644 index 0000000000..77c39ec9eb --- /dev/null +++ b/objects/vulnerability/vulnerability--af7d2e46-7dfa-4e7d-9645-5ca0b6137997.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6041d9a4-7b08-4158-94a0-00949ebd7bed", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--af7d2e46-7dfa-4e7d-9645-5ca0b6137997", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.509157Z", + "modified": "2025-01-15T11:16:41.509157Z", + "name": "CVE-2025-0437", + "description": "Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0437" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b869bea9-af28-4525-bc4d-d980fe75886c.json b/objects/vulnerability/vulnerability--b869bea9-af28-4525-bc4d-d980fe75886c.json new file mode 100644 index 0000000000..7f93c736ab --- /dev/null +++ b/objects/vulnerability/vulnerability--b869bea9-af28-4525-bc4d-d980fe75886c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6cfefbae-7962-4dd9-8837-451cd7f16c98", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b869bea9-af28-4525-bc4d-d980fe75886c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.526433Z", + "modified": "2025-01-15T11:16:41.526433Z", + "name": "CVE-2025-0441", + "description": "Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0441" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c296acbb-34cf-4778-bc81-c8f8a225c22f.json b/objects/vulnerability/vulnerability--c296acbb-34cf-4778-bc81-c8f8a225c22f.json new file mode 100644 index 0000000000..d8b4609e10 --- /dev/null +++ b/objects/vulnerability/vulnerability--c296acbb-34cf-4778-bc81-c8f8a225c22f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3d6ca172-a179-45e0-bee7-03e6b9039e82", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c296acbb-34cf-4778-bc81-c8f8a225c22f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.504756Z", + "modified": "2025-01-15T11:16:41.504756Z", + "name": "CVE-2025-0439", + "description": "Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0439" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c30503fe-39b9-435d-9ad9-021ca9b49466.json b/objects/vulnerability/vulnerability--c30503fe-39b9-435d-9ad9-021ca9b49466.json new file mode 100644 index 0000000000..4de1bc9409 --- /dev/null +++ b/objects/vulnerability/vulnerability--c30503fe-39b9-435d-9ad9-021ca9b49466.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--b64f63f6-e782-4c15-a90b-c567c8e26774", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c30503fe-39b9-435d-9ad9-021ca9b49466", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-15T11:16:41.523763Z", + "modified": "2025-01-15T11:16:41.523763Z", + "name": "CVE-2025-0443", + "description": "Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-0443" + } + ] + } + ] +} \ No newline at end of file