"-Synchronized-Data."

CVE Team 2021-02-01 20:00:42 +00:00
parent fcddb3a160
commit 01275d3549
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
3 changed files with 25 additions and 7 deletions


@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://firedome.io/blog/firedome-discloses-0-day-vulnerabilities-in-yale-ip-cameras/",
"url": "https://firedome.io/blog/firedome-discloses-0-day-vulnerabilities-in-yale-ip-cameras/"
},
{
"refsource": "MISC",
"name": "https://lp.firedome.io/hubfs/Yale%20WIPC-301W%20RCE%20Vulnerability%20Report%205-6.pdf",
"url": "https://lp.firedome.io/hubfs/Yale%20WIPC-301W%20RCE%20Vulnerability%20Report%205-6.pdf"
}
]
}


@ -52,10 +52,20 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://firedome.io/blog/firedome-discloses-0-day-vulnerabilities-in-yale-ip-cameras/",
"url": "https://firedome.io/blog/firedome-discloses-0-day-vulnerabilities-in-yale-ip-cameras/"
},
{
"refsource": "MISC",
"name": "https://whiterosezex.blogspot.com/2021/01/cve-2020-23826-rce-vulnerability-in.html",
"url": "https://whiterosezex.blogspot.com/2021/01/cve-2020-23826-rce-vulnerability-in.html"
},
{
"refsource": "MISC",
"name": "https://lp.firedome.io/hubfs/Yale%20WIPC-301W%20RCE%20Vulnerability%20Report%205-6.pdf",
"url": "https://lp.firedome.io/hubfs/Yale%20WIPC-301W%20RCE%20Vulnerability%20Report%205-6.pdf"
}
]
}


@ -52,16 +52,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994",
"name": "https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/pallets/jinja/blob/ab81fd9c277900c85da0c322a2ff9d68a235b2e6/src/jinja2/utils.py%23L20"
"refsource": "MISC",
"url": "https://github.com/pallets/jinja/blob/ab81fd9c277900c85da0c322a2ff9d68a235b2e6/src/jinja2/utils.py%23L20",
"name": "https://github.com/pallets/jinja/blob/ab81fd9c277900c85da0c322a2ff9d68a235b2e6/src/jinja2/utils.py%23L20"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/pallets/jinja/pull/1343"
"refsource": "MISC",
"url": "https://github.com/pallets/jinja/pull/1343",
"name": "https://github.com/pallets/jinja/pull/1343"
}
]
},
@ -69,7 +72,7 @@
"description_data": [
{
"lang": "eng",
"value": "This affects the package jinja2 from 0.0.0 and before 2.11.3.\n The ReDOS vulnerability of the regex is mainly due to the sub-pattern [a-zA-Z0-9._-]+.[a-zA-Z0-9._-]+\r\n\r\nThis issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory.\r\n\r\n"
"value": "This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDOS vulnerability of the regex is mainly due to the sub-pattern [a-zA-Z0-9._-]+.[a-zA-Z0-9._-]+ This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory."
}
]
},
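Review bot: The second reference in the first hunk of this file keeps `utils.py%23L20` in both `url` and the newly added `name`; with the `#` percent-encoded the fragment becomes part of the path, so the link most likely does not land on line 20 of `src/jinja2/utils.py` and readers lose the pointer to the vulnerable regex. Both fields should end in `utils.py#L20`. In the second hunk, stripping the `\r\n` separators leaves the sub-pattern running straight into the next sentence (`[a-zA-Z0-9._-]+ This issue can be mitigated`), so it is no longer clear where the regex ends; delimiting it, e.g. `the sub-pattern '[a-zA-Z0-9._-]+.[a-zA-Z0-9._-]+'.`, would keep it unambiguous. The first hunk also retags `https://github.com/pallets/jinja/pull/1343` from `CONFIRM` to `MISC`; if that pull request is the upstream fix, the retag drops the signal consumers use to locate vendor confirmation, so it is worth checking that this is intended.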