admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2020/7xxx/CVE-2020-7712.json

182 lines
8.7 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2020-01-21 23:01:29 +00:00
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
Adds CVE-2020-7712
2020-08-30 08:13:28 +01:00
"ASSIGNER": "report@snyk.io",
"DATE_PUBLIC": "2020-08-30T07:13:25.668015Z",
"-Synchronized-Data."
2020-01-21 23:01:29 +00:00
"ID": "CVE-2020-7712",
Adds CVE-2020-7712
2020-08-30 08:13:28 +01:00
"STATE": "PUBLIC",
"TITLE": "Command Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "json",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "10.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"-Synchronized-Data."
2020-08-30 08:01:34 +00:00
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-JSON-597481",
"name": "https://snyk.io/vuln/SNYK-JS-JSON-597481"
Adds CVE-2020-7712
2020-08-30 08:13:28 +01:00
},
{
"-Synchronized-Data."
2020-08-30 08:01:34 +00:00
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931"
Adds CVE-2020-7712
2020-08-30 08:13:28 +01:00
},
{
"-Synchronized-Data."
2020-08-30 08:01:34 +00:00
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932"
Adds CVE-2020-7712
2020-08-30 08:13:28 +01:00
},
{
"-Synchronized-Data."
2020-08-30 08:01:34 +00:00
"refsource": "MISC",
"url": "https://github.com/trentm/json/issues/144",
"name": "https://github.com/trentm/json/issues/144"
Adds CVE-2020-7712
2020-08-30 08:13:28 +01:00
},
{
"-Synchronized-Data."
2020-08-30 08:01:34 +00:00
"refsource": "MISC",
"url": "https://github.com/trentm/json/pull/145",
"name": "https://github.com/trentm/json/pull/145"
"-Synchronized-Data."
2020-09-13 07:01:34 +00:00
},
{
"refsource": "MLIST",
"name": "[zookeeper-dev] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
"url": "https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae@%3Cdev.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
"url": "https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7@%3Cissues.zookeeper.apache.org%3E"
"-Synchronized-Data."
2020-09-13 08:01:31 +00:00
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200913 [jira] [Resolved] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
"url": "https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c@%3Cissues.zookeeper.apache.org%3E"
"-Synchronized-Data."
2020-09-30 18:02:48 +00:00
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200930 [jira] [Comment Edited] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
"url": "https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200930 [jira] [Commented] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
"url": "https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[flink-dev] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
"url": "https://lists.apache.org/thread.html/r9c6d28e5b9a9b3481b7d1f90f1c2f75cd1a5ade91038426e0fb095da@%3Cdev.flink.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[flink-issues] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
"url": "https://lists.apache.org/thread.html/r977a907ecbedf87ae5ba47d4c77639efb120f74d4d1b3de14a4ef4da@%3Cissues.flink.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200930 [jira] [Issue Comment Deleted] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
"url": "https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[flink-issues] 20200930 [jira] [Commented] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
"url": "https://lists.apache.org/thread.html/ra890c24b3d90be36daf48ae76b263acb297003db24c1122f8e4aaef2@%3Cissues.flink.apache.org%3E"
"-Synchronized-Data."
2020-09-30 19:03:09 +00:00
},
{
"refsource": "MLIST",
"name": "[flink-issues] 20200930 [jira] [Updated] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
"url": "https://lists.apache.org/thread.html/rba7ea4d75d6a8e5b935991d960d9b893fd30e576c4d3b531084ebd7d@%3Cissues.flink.apache.org%3E"
"-Synchronized-Data."
2020-10-14 10:01:32 +00:00
},
{
"refsource": "MLIST",
"name": "[flink-issues] 20201014 [jira] [Closed] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
"url": "https://lists.apache.org/thread.html/rb89bd82dffec49f83b49e9ad625b1b63a408b3c7d1a60d6f049142a0@%3Cissues.flink.apache.org%3E"
"-Synchronized-Data."
2021-01-06 17:06:28 +00:00
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
"url": "https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db@%3Cissues.zookeeper.apache.org%3E"
"-Synchronized-Data."
2021-04-04 07:00:48 +00:00
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20210404 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
"url": "https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20210404 [jira] [Assigned] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
"url": "https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61@%3Cissues.zookeeper.apache.org%3E"
Bill Situ <Bill.Situ@Oracle.com> On branch cna/Oracle/CPU2021Jul3rd Changes to be committed: modified: 2012/0xxx/CVE-2012-0881.json modified: 2014/0xxx/CVE-2014-0107.json modified: 2015/0xxx/CVE-2015-0254.json modified: 2016/0xxx/CVE-2016-0762.json modified: 2016/4xxx/CVE-2016-4429.json modified: 2016/7xxx/CVE-2016-7103.json modified: 2017/14xxx/CVE-2017-14735.json modified: 2017/16xxx/CVE-2017-16931.json modified: 2017/3xxx/CVE-2017-3735.json modified: 2017/5xxx/CVE-2017-5461.json modified: 2017/5xxx/CVE-2017-5637.json modified: 2017/7xxx/CVE-2017-7656.json modified: 2017/7xxx/CVE-2017-7657.json modified: 2017/7xxx/CVE-2017-7658.json modified: 2017/9xxx/CVE-2017-9735.json modified: 2018/0xxx/CVE-2018-0737.json modified: 2018/0xxx/CVE-2018-0739.json modified: 2018/15xxx/CVE-2018-15686.json modified: 2018/15xxx/CVE-2018-15756.json modified: 2018/21xxx/CVE-2018-21010.json modified: 2018/7xxx/CVE-2018-7160.json modified: 2018/7xxx/CVE-2018-7183.json modified: 2019/0xxx/CVE-2019-0190.json modified: 2019/0xxx/CVE-2019-0201.json modified: 2019/0xxx/CVE-2019-0205.json modified: 2019/0xxx/CVE-2019-0210.json modified: 2019/0xxx/CVE-2019-0219.json modified: 2019/0xxx/CVE-2019-0228.json modified: 2019/10xxx/CVE-2019-10086.json modified: 2019/10xxx/CVE-2019-10173.json modified: 2019/10xxx/CVE-2019-10746.json modified: 2019/11xxx/CVE-2019-11358.json modified: 2019/12xxx/CVE-2019-12260.json modified: 2019/12xxx/CVE-2019-12399.json modified: 2019/12xxx/CVE-2019-12402.json modified: 2019/12xxx/CVE-2019-12415.json modified: 2019/12xxx/CVE-2019-12973.json modified: 2019/13xxx/CVE-2019-13990.json modified: 2019/15xxx/CVE-2019-15604.json modified: 2019/15xxx/CVE-2019-15605.json modified: 2019/15xxx/CVE-2019-15606.json modified: 2019/16xxx/CVE-2019-16942.json modified: 2019/16xxx/CVE-2019-16943.json modified: 2019/17xxx/CVE-2019-17195.json modified: 2019/17xxx/CVE-2019-17531.json modified: 2019/17xxx/CVE-2019-17543.json modified: 2019/17xxx/CVE-2019-17545.json modified: 2019/17xxx/CVE-2019-17566.json modified: 2019/20xxx/CVE-2019-20330.json modified: 2019/3xxx/CVE-2019-3738.json modified: 2019/3xxx/CVE-2019-3739.json modified: 2019/3xxx/CVE-2019-3740.json modified: 2019/3xxx/CVE-2019-3773.json modified: 2019/5xxx/CVE-2019-5063.json modified: 2019/5xxx/CVE-2019-5064.json modified: 2020/10xxx/CVE-2020-10531.json modified: 2020/10xxx/CVE-2020-10543.json modified: 2020/10xxx/CVE-2020-10683.json modified: 2020/10xxx/CVE-2020-10878.json modified: 2020/11xxx/CVE-2020-11022.json modified: 2020/11xxx/CVE-2020-11023.json modified: 2020/11xxx/CVE-2020-11080.json modified: 2020/11xxx/CVE-2020-11612.json modified: 2020/11xxx/CVE-2020-11868.json modified: 2020/11xxx/CVE-2020-11973.json modified: 2020/11xxx/CVE-2020-11979.json modified: 2020/11xxx/CVE-2020-11987.json modified: 2020/11xxx/CVE-2020-11988.json modified: 2020/11xxx/CVE-2020-11998.json modified: 2020/12xxx/CVE-2020-12723.json modified: 2020/13xxx/CVE-2020-13934.json modified: 2020/13xxx/CVE-2020-13935.json modified: 2020/13xxx/CVE-2020-13949.json modified: 2020/13xxx/CVE-2020-13956.json modified: 2020/14xxx/CVE-2020-14060.json modified: 2020/14xxx/CVE-2020-14061.json modified: 2020/14xxx/CVE-2020-14062.json modified: 2020/14xxx/CVE-2020-14195.json modified: 2020/15xxx/CVE-2020-15389.json modified: 2020/17xxx/CVE-2020-17521.json modified: 2020/17xxx/CVE-2020-17527.json modified: 2020/17xxx/CVE-2020-17530.json modified: 2020/1xxx/CVE-2020-1941.json modified: 2020/1xxx/CVE-2020-1945.json modified: 2020/1xxx/CVE-2020-1967.json modified: 2020/1xxx/CVE-2020-1968.json modified: 2020/1xxx/CVE-2020-1971.json modified: 2020/24xxx/CVE-2020-24553.json modified: 2020/24xxx/CVE-2020-24616.json modified: 2020/24xxx/CVE-2020-24750.json modified: 2020/25xxx/CVE-2020-25638.json modified: 2020/25xxx/CVE-2020-25648.json modified: 2020/25xxx/CVE-2020-25649.json modified: 2020/26xxx/CVE-2020-26217.json modified: 2020/26xxx/CVE-2020-26870.json modified: 2020/27xxx/CVE-2020-27193.json modified: 2020/27xxx/CVE-2020-27216.json modified: 2020/27xxx/CVE-2020-27218.json modified: 2020/27xxx/CVE-2020-27783.json modified: 2020/27xxx/CVE-2020-27814.json modified: 2020/27xxx/CVE-2020-27841.json modified: 2020/27xxx/CVE-2020-27842.json modified: 2020/27xxx/CVE-2020-27843.json modified: 2020/27xxx/CVE-2020-27844.json modified: 2020/27xxx/CVE-2020-27845.json modified: 2020/28xxx/CVE-2020-28052.json modified: 2020/28xxx/CVE-2020-28196.json modified: 2020/28xxx/CVE-2020-28500.json modified: 2020/28xxx/CVE-2020-28928.json modified: 2020/29xxx/CVE-2020-29582.json modified: 2020/35xxx/CVE-2020-35490.json modified: 2020/35xxx/CVE-2020-35491.json modified: 2020/35xxx/CVE-2020-35728.json modified: 2020/36xxx/CVE-2020-36179.json modified: 2020/36xxx/CVE-2020-36180.json modified: 2020/36xxx/CVE-2020-36181.json modified: 2020/36xxx/CVE-2020-36182.json modified: 2020/36xxx/CVE-2020-36183.json modified: 2020/36xxx/CVE-2020-36184.json modified: 2020/36xxx/CVE-2020-36185.json modified: 2020/36xxx/CVE-2020-36186.json modified: 2020/36xxx/CVE-2020-36187.json modified: 2020/36xxx/CVE-2020-36188.json modified: 2020/36xxx/CVE-2020-36189.json modified: 2020/5xxx/CVE-2020-5258.json modified: 2020/5xxx/CVE-2020-5397.json modified: 2020/5xxx/CVE-2020-5398.json modified: 2020/5xxx/CVE-2020-5413.json modified: 2020/5xxx/CVE-2020-5421.json modified: 2020/7xxx/CVE-2020-7016.json modified: 2020/7xxx/CVE-2020-7017.json modified: 2020/7xxx/CVE-2020-7712.json modified: 2020/7xxx/CVE-2020-7733.json modified: 2020/7xxx/CVE-2020-7760.json modified: 2020/8xxx/CVE-2020-8172.json modified: 2020/8xxx/CVE-2020-8174.json modified: 2020/8xxx/CVE-2020-8203.json modified: 2020/8xxx/CVE-2020-8277.json modified: 2020/8xxx/CVE-2020-8284.json modified: 2020/8xxx/CVE-2020-8285.json modified: 2020/8xxx/CVE-2020-8286.json modified: 2020/8xxx/CVE-2020-8554.json modified: 2020/8xxx/CVE-2020-8908.json modified: 2020/9xxx/CVE-2020-9484.json modified: 2020/9xxx/CVE-2020-9489.json modified: 2021/20xxx/CVE-2021-20190.json modified: 2021/20xxx/CVE-2021-20227.json modified: 2021/21xxx/CVE-2021-21275.json modified: 2021/21xxx/CVE-2021-21290.json modified: 2021/21xxx/CVE-2021-21341.json modified: 2021/21xxx/CVE-2021-21342.json modified: 2021/21xxx/CVE-2021-21343.json modified: 2021/21xxx/CVE-2021-21344.json modified: 2021/21xxx/CVE-2021-21345.json modified: 2021/21xxx/CVE-2021-21346.json modified: 2021/21xxx/CVE-2021-21347.json modified: 2021/21xxx/CVE-2021-21348.json modified: 2021/21xxx/CVE-2021-21349.json modified: 2021/21xxx/CVE-2021-21350.json modified: 2021/21xxx/CVE-2021-21351.json modified: 2021/21xxx/CVE-2021-21409.json modified: 2021/22xxx/CVE-2021-22112.json modified: 2021/22xxx/CVE-2021-22118.json modified: 2021/22xxx/CVE-2021-22876.json modified: 2021/22xxx/CVE-2021-22883.json modified: 2021/22xxx/CVE-2021-22884.json modified: 2021/22xxx/CVE-2021-22890.json modified: 2021/22xxx/CVE-2021-22897.json modified: 2021/22xxx/CVE-2021-22898.json modified: 2021/22xxx/CVE-2021-22901.json modified: 2021/23xxx/CVE-2021-23336.json modified: 2021/23xxx/CVE-2021-23337.json modified: 2021/23xxx/CVE-2021-23839.json modified: 2021/23xxx/CVE-2021-23840.json modified: 2021/23xxx/CVE-2021-23841.json modified: 2021/24xxx/CVE-2021-24122.json modified: 2021/25xxx/CVE-2021-25122.json modified: 2021/25xxx/CVE-2021-25329.json modified: 2021/26xxx/CVE-2021-26117.json modified: 2021/26xxx/CVE-2021-26271.json modified: 2021/26xxx/CVE-2021-26272.json modified: 2021/27xxx/CVE-2021-27568.json modified: 2021/27xxx/CVE-2021-27807.json modified: 2021/27xxx/CVE-2021-27906.json modified: 2021/28xxx/CVE-2021-28041.json modified: 2021/28xxx/CVE-2021-28165.json modified: 2021/29xxx/CVE-2021-29921.json modified: 2021/30xxx/CVE-2021-30640.json modified: 2021/31xxx/CVE-2021-31811.json modified: 2021/33xxx/CVE-2021-33037.json modified: 2021/3xxx/CVE-2021-3156.json modified: 2021/3xxx/CVE-2021-3177.json modified: 2021/3xxx/CVE-2021-3345.json modified: 2021/3xxx/CVE-2021-3449.json modified: 2021/3xxx/CVE-2021-3450.json modified: 2021/3xxx/CVE-2021-3520.json
2021-07-20 14:01:27 -07:00
},
{
"-Synchronized-Data."
2021-07-21 15:01:03 +00:00
"url": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"name": "https://www.oracle.com//security-alerts/cpujul2021.html"
Adds CVE-2020-7712
2020-08-30 08:13:28 +01:00
}
]
"-Synchronized-Data."
2020-01-21 23:01:29 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2020-08-30 08:01:34 +00:00
"value": "This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function."
"-Synchronized-Data."
2020-01-21 23:01:29 +00:00
}
]
Adds CVE-2020-7712
2020-08-30 08:13:28 +01:00
},
"impact": {
"cvss": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
}
},
"credit": [
{
"lang": "eng",
"value": "po6ix"
}
]
"-Synchronized-Data."
2020-01-21 23:01:29 +00:00
}
Reference in New Issue Copy Permalink