admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/30xxx/CVE-2021-30640.json

114 lines
4.4 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2021-04-13 16:00:40 +00:00
{
"CVE_data_meta": {
Tomcat issues
2021-07-12 15:52:10 +01:00
"ASSIGNER": "security@apache.org",
"-Synchronized-Data."
2021-04-13 16:00:40 +00:00
"ID": "CVE-2021-30640",
Tomcat issues
2021-07-12 15:52:10 +01:00
"STATE": "PUBLIC",
"TITLE": "Auth weakness in JNDIRealm"
"-Synchronized-Data."
2021-04-13 16:00:40 +00:00
},
Tomcat issues
2021-07-12 15:52:10 +01:00
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Tomcat",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "Apache Tomcat 10",
"version_value": "10.0.0-M1 to 10.0.5"
},
{
"version_affected": "=",
"version_name": "Apache Tomcat 9",
"version_value": "9.0.0.M1 to 9.0.45"
},
{
"version_affected": "=",
"version_name": "Apache Tomcat 8.5",
"version_value": "8.5.0 to 8.5.65"
},
{
"version_affected": "=",
"version_name": "Apache Tomcat 7",
"version_value": "7.0.0 to 7.0.108"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"-Synchronized-Data."
2021-04-13 16:00:40 +00:00
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2021-07-12 15:00:54 +00:00
"value": "A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65."
"-Synchronized-Data."
2021-04-13 16:00:40 +00:00
}
]
Tomcat issues
2021-07-12 15:52:10 +01:00
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
"-Synchronized-Data."
2021-07-21 15:01:23 +00:00
{}
Tomcat issues
2021-07-12 15:52:10 +01:00
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication weaknees"
}
]
}
]
},
"references": {
"reference_data": [
{
"-Synchronized-Data."
2021-07-12 15:00:54 +00:00
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E",
"name": "https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E"
Bill Situ <Bill.Situ@Oracle.com> On branch cna/Oracle/CPU2021Jul3rd Changes to be committed: modified: 2012/0xxx/CVE-2012-0881.json modified: 2014/0xxx/CVE-2014-0107.json modified: 2015/0xxx/CVE-2015-0254.json modified: 2016/0xxx/CVE-2016-0762.json modified: 2016/4xxx/CVE-2016-4429.json modified: 2016/7xxx/CVE-2016-7103.json modified: 2017/14xxx/CVE-2017-14735.json modified: 2017/16xxx/CVE-2017-16931.json modified: 2017/3xxx/CVE-2017-3735.json modified: 2017/5xxx/CVE-2017-5461.json modified: 2017/5xxx/CVE-2017-5637.json modified: 2017/7xxx/CVE-2017-7656.json modified: 2017/7xxx/CVE-2017-7657.json modified: 2017/7xxx/CVE-2017-7658.json modified: 2017/9xxx/CVE-2017-9735.json modified: 2018/0xxx/CVE-2018-0737.json modified: 2018/0xxx/CVE-2018-0739.json modified: 2018/15xxx/CVE-2018-15686.json modified: 2018/15xxx/CVE-2018-15756.json modified: 2018/21xxx/CVE-2018-21010.json modified: 2018/7xxx/CVE-2018-7160.json modified: 2018/7xxx/CVE-2018-7183.json modified: 2019/0xxx/CVE-2019-0190.json modified: 2019/0xxx/CVE-2019-0201.json modified: 2019/0xxx/CVE-2019-0205.json modified: 2019/0xxx/CVE-2019-0210.json modified: 2019/0xxx/CVE-2019-0219.json modified: 2019/0xxx/CVE-2019-0228.json modified: 2019/10xxx/CVE-2019-10086.json modified: 2019/10xxx/CVE-2019-10173.json modified: 2019/10xxx/CVE-2019-10746.json modified: 2019/11xxx/CVE-2019-11358.json modified: 2019/12xxx/CVE-2019-12260.json modified: 2019/12xxx/CVE-2019-12399.json modified: 2019/12xxx/CVE-2019-12402.json modified: 2019/12xxx/CVE-2019-12415.json modified: 2019/12xxx/CVE-2019-12973.json modified: 2019/13xxx/CVE-2019-13990.json modified: 2019/15xxx/CVE-2019-15604.json modified: 2019/15xxx/CVE-2019-15605.json modified: 2019/15xxx/CVE-2019-15606.json modified: 2019/16xxx/CVE-2019-16942.json modified: 2019/16xxx/CVE-2019-16943.json modified: 2019/17xxx/CVE-2019-17195.json modified: 2019/17xxx/CVE-2019-17531.json modified: 2019/17xxx/CVE-2019-17543.json modified: 2019/17xxx/CVE-2019-17545.json modified: 2019/17xxx/CVE-2019-17566.json modified: 2019/20xxx/CVE-2019-20330.json modified: 2019/3xxx/CVE-2019-3738.json modified: 2019/3xxx/CVE-2019-3739.json modified: 2019/3xxx/CVE-2019-3740.json modified: 2019/3xxx/CVE-2019-3773.json modified: 2019/5xxx/CVE-2019-5063.json modified: 2019/5xxx/CVE-2019-5064.json modified: 2020/10xxx/CVE-2020-10531.json modified: 2020/10xxx/CVE-2020-10543.json modified: 2020/10xxx/CVE-2020-10683.json modified: 2020/10xxx/CVE-2020-10878.json modified: 2020/11xxx/CVE-2020-11022.json modified: 2020/11xxx/CVE-2020-11023.json modified: 2020/11xxx/CVE-2020-11080.json modified: 2020/11xxx/CVE-2020-11612.json modified: 2020/11xxx/CVE-2020-11868.json modified: 2020/11xxx/CVE-2020-11973.json modified: 2020/11xxx/CVE-2020-11979.json modified: 2020/11xxx/CVE-2020-11987.json modified: 2020/11xxx/CVE-2020-11988.json modified: 2020/11xxx/CVE-2020-11998.json modified: 2020/12xxx/CVE-2020-12723.json modified: 2020/13xxx/CVE-2020-13934.json modified: 2020/13xxx/CVE-2020-13935.json modified: 2020/13xxx/CVE-2020-13949.json modified: 2020/13xxx/CVE-2020-13956.json modified: 2020/14xxx/CVE-2020-14060.json modified: 2020/14xxx/CVE-2020-14061.json modified: 2020/14xxx/CVE-2020-14062.json modified: 2020/14xxx/CVE-2020-14195.json modified: 2020/15xxx/CVE-2020-15389.json modified: 2020/17xxx/CVE-2020-17521.json modified: 2020/17xxx/CVE-2020-17527.json modified: 2020/17xxx/CVE-2020-17530.json modified: 2020/1xxx/CVE-2020-1941.json modified: 2020/1xxx/CVE-2020-1945.json modified: 2020/1xxx/CVE-2020-1967.json modified: 2020/1xxx/CVE-2020-1968.json modified: 2020/1xxx/CVE-2020-1971.json modified: 2020/24xxx/CVE-2020-24553.json modified: 2020/24xxx/CVE-2020-24616.json modified: 2020/24xxx/CVE-2020-24750.json modified: 2020/25xxx/CVE-2020-25638.json modified: 2020/25xxx/CVE-2020-25648.json modified: 2020/25xxx/CVE-2020-25649.json modified: 2020/26xxx/CVE-2020-26217.json modified: 2020/26xxx/CVE-2020-26870.json modified: 2020/27xxx/CVE-2020-27193.json modified: 2020/27xxx/CVE-2020-27216.json modified: 2020/27xxx/CVE-2020-27218.json modified: 2020/27xxx/CVE-2020-27783.json modified: 2020/27xxx/CVE-2020-27814.json modified: 2020/27xxx/CVE-2020-27841.json modified: 2020/27xxx/CVE-2020-27842.json modified: 2020/27xxx/CVE-2020-27843.json modified: 2020/27xxx/CVE-2020-27844.json modified: 2020/27xxx/CVE-2020-27845.json modified: 2020/28xxx/CVE-2020-28052.json modified: 2020/28xxx/CVE-2020-28196.json modified: 2020/28xxx/CVE-2020-28500.json modified: 2020/28xxx/CVE-2020-28928.json modified: 2020/29xxx/CVE-2020-29582.json modified: 2020/35xxx/CVE-2020-35490.json modified: 2020/35xxx/CVE-2020-35491.json modified: 2020/35xxx/CVE-2020-35728.json modified: 2020/36xxx/CVE-2020-36179.json modified: 2020/36xxx/CVE-2020-36180.json modified: 2020/36xxx/CVE-2020-36181.json modified: 2020/36xxx/CVE-2020-36182.json modified: 2020/36xxx/CVE-2020-36183.json modified: 2020/36xxx/CVE-2020-36184.json modified: 2020/36xxx/CVE-2020-36185.json modified: 2020/36xxx/CVE-2020-36186.json modified: 2020/36xxx/CVE-2020-36187.json modified: 2020/36xxx/CVE-2020-36188.json modified: 2020/36xxx/CVE-2020-36189.json modified: 2020/5xxx/CVE-2020-5258.json modified: 2020/5xxx/CVE-2020-5397.json modified: 2020/5xxx/CVE-2020-5398.json modified: 2020/5xxx/CVE-2020-5413.json modified: 2020/5xxx/CVE-2020-5421.json modified: 2020/7xxx/CVE-2020-7016.json modified: 2020/7xxx/CVE-2020-7017.json modified: 2020/7xxx/CVE-2020-7712.json modified: 2020/7xxx/CVE-2020-7733.json modified: 2020/7xxx/CVE-2020-7760.json modified: 2020/8xxx/CVE-2020-8172.json modified: 2020/8xxx/CVE-2020-8174.json modified: 2020/8xxx/CVE-2020-8203.json modified: 2020/8xxx/CVE-2020-8277.json modified: 2020/8xxx/CVE-2020-8284.json modified: 2020/8xxx/CVE-2020-8285.json modified: 2020/8xxx/CVE-2020-8286.json modified: 2020/8xxx/CVE-2020-8554.json modified: 2020/8xxx/CVE-2020-8908.json modified: 2020/9xxx/CVE-2020-9484.json modified: 2020/9xxx/CVE-2020-9489.json modified: 2021/20xxx/CVE-2021-20190.json modified: 2021/20xxx/CVE-2021-20227.json modified: 2021/21xxx/CVE-2021-21275.json modified: 2021/21xxx/CVE-2021-21290.json modified: 2021/21xxx/CVE-2021-21341.json modified: 2021/21xxx/CVE-2021-21342.json modified: 2021/21xxx/CVE-2021-21343.json modified: 2021/21xxx/CVE-2021-21344.json modified: 2021/21xxx/CVE-2021-21345.json modified: 2021/21xxx/CVE-2021-21346.json modified: 2021/21xxx/CVE-2021-21347.json modified: 2021/21xxx/CVE-2021-21348.json modified: 2021/21xxx/CVE-2021-21349.json modified: 2021/21xxx/CVE-2021-21350.json modified: 2021/21xxx/CVE-2021-21351.json modified: 2021/21xxx/CVE-2021-21409.json modified: 2021/22xxx/CVE-2021-22112.json modified: 2021/22xxx/CVE-2021-22118.json modified: 2021/22xxx/CVE-2021-22876.json modified: 2021/22xxx/CVE-2021-22883.json modified: 2021/22xxx/CVE-2021-22884.json modified: 2021/22xxx/CVE-2021-22890.json modified: 2021/22xxx/CVE-2021-22897.json modified: 2021/22xxx/CVE-2021-22898.json modified: 2021/22xxx/CVE-2021-22901.json modified: 2021/23xxx/CVE-2021-23336.json modified: 2021/23xxx/CVE-2021-23337.json modified: 2021/23xxx/CVE-2021-23839.json modified: 2021/23xxx/CVE-2021-23840.json modified: 2021/23xxx/CVE-2021-23841.json modified: 2021/24xxx/CVE-2021-24122.json modified: 2021/25xxx/CVE-2021-25122.json modified: 2021/25xxx/CVE-2021-25329.json modified: 2021/26xxx/CVE-2021-26117.json modified: 2021/26xxx/CVE-2021-26271.json modified: 2021/26xxx/CVE-2021-26272.json modified: 2021/27xxx/CVE-2021-27568.json modified: 2021/27xxx/CVE-2021-27807.json modified: 2021/27xxx/CVE-2021-27906.json modified: 2021/28xxx/CVE-2021-28041.json modified: 2021/28xxx/CVE-2021-28165.json modified: 2021/29xxx/CVE-2021-29921.json modified: 2021/30xxx/CVE-2021-30640.json modified: 2021/31xxx/CVE-2021-31811.json modified: 2021/33xxx/CVE-2021-33037.json modified: 2021/3xxx/CVE-2021-3156.json modified: 2021/3xxx/CVE-2021-3177.json modified: 2021/3xxx/CVE-2021-3345.json modified: 2021/3xxx/CVE-2021-3449.json modified: 2021/3xxx/CVE-2021-3450.json modified: 2021/3xxx/CVE-2021-3520.json
2021-07-20 14:01:27 -07:00
},
{
"-Synchronized-Data."
2021-07-21 15:01:23 +00:00
"url": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"name": "https://www.oracle.com//security-alerts/cpujul2021.html"
"-Synchronized-Data."
2021-08-06 00:00:54 +00:00
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210805 [SECURITY] [DLA 2733-1] tomcat8 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html"
"-Synchronized-Data."
2021-08-10 15:00:51 +00:00
},
{
"refsource": "DEBIAN",
"name": "DSA-4952",
"url": "https://www.debian.org/security/2021/dsa-4952"
"-Synchronized-Data."
2021-08-27 07:00:57 +00:00
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210827-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210827-0007/"
"-Synchronized-Data."
2021-10-15 15:01:06 +00:00
},
{
"refsource": "DEBIAN",
"name": "DSA-4986",
"url": "https://www.debian.org/security/2021/dsa-4986"
Tomcat issues
2021-07-12 15:52:10 +01:00
}
]
},
"source": {
"discovery": "UNKNOWN"
"-Synchronized-Data."
2021-04-13 16:00:40 +00:00
}
"-Synchronized-Data."
2021-07-12 15:00:54 +00:00
}
Reference in New Issue Copy Permalink