admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-10-25 17:35:59 +00:00
parent 45ce0ae65c
commit 015f3996a3
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
89 changed files with 3267 additions and 2020 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
2019/10xxx/CVE-2019-10279.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10279",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins jenkins-reviewbot Plugin",
"version": {
"version_data": [
{
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-285"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins jenkins-reviewbot Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1091",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1091"
}
]

69
2019/10xxx/CVE-2019-10280.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10280",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Assembla Auth Plugin",
"version": {
"version_data": [
{
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Assembla Auth Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1093",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1093"
}
]

69
2019/10xxx/CVE-2019-10281.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10281",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Relution Enterprise Appstore Publisher Plugin",
"version": {
"version_data": [
{
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Relution Enterprise Appstore Publisher Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-828",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-828"
}
]

69
2019/10xxx/CVE-2019-10282.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10282",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Klaros-Testmanagement Plugin",
"version": {
"version_data": [
{
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Klaros-Testmanagement Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-843",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-843"
}
]

69
2019/10xxx/CVE-2019-10283.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10283",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins mabl Plugin",
"version": {
"version_data": [
{
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins mabl Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-946",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-946"
}
]

69
2019/10xxx/CVE-2019-10284.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10284",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Diawi Upload Plugin",
"version": {
"version_data": [
{
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Diawi Upload Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-947",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-947"
}
]

69
2019/10xxx/CVE-2019-10285.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10285",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Minio Storage Plugin",
"version": {
"version_data": [
{
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Minio Storage Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-955",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-955"
}
]

69
2019/10xxx/CVE-2019-10286.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10286",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins DeployHub Plugin",
"version": {
"version_data": [
{
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins DeployHub Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-959",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-959"
}
]

69
2019/10xxx/CVE-2019-10287.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10287",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins youtrack-plugin Plugin",
"version": {
"version_data": [
{
"version_value": "0.7.1 and older"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins youtrack-plugin Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.7.1 and older"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-963",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-963"
}
]

69
2019/10xxx/CVE-2019-10288.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10288",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Jabber Server Plugin",
"version": {
"version_data": [
{
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Jabber Server Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1031",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1031"
}
]

69
2019/10xxx/CVE-2019-10289.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10289",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Netsparker Cloud Scan Plugin",
"version": {
"version_data": [
{
"version_value": "1.1.5 and older"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-352"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Netsparker Cloud Scan Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.1.5 and older"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1032",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1032"
}
]

69
2019/10xxx/CVE-2019-10290.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10290",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Netsparker Cloud Scan Plugin",
"version": {
"version_data": [
{
"version_value": "1.1.5 and older"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-285"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Netsparker Cloud Scan Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.1.5 and older"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1032",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1032"
}
]

69
2019/10xxx/CVE-2019-10291.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10291",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Netsparker Cloud Scan Plugin",
"version": {
"version_data": [
{
"version_value": "1.1.5 and older"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Netsparker Cloud Scan Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.1.5 and older"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1040",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1040"
}
]

69
2019/10xxx/CVE-2019-10292.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10292",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Kmap Plugin",
"version": {
"version_data": [
{
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-352"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Kmap Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions as of 2019-04-03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107790",
"url": "http://www.securityfocus.com/bid/107790"
"url": "http://www.securityfocus.com/bid/107790",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107790"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190413 Re: Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
"url": "http://www.openwall.com/lists/oss-security/2019/04/12/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/12/2"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1055",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-03/#SECURITY-1055"
}
]

71
2020/2xxx/CVE-2020-2222.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2222",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.244",
"version_affected": "<="
},
{
"version_value": "LTS 2.235.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.244"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1902",
"url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1902",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1902"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
}
]
}

71
2020/2xxx/CVE-2020-2223.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2223",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.244",
"version_affected": "<="
},
{
"version_value": "LTS 2.235.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.244"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1945",
"url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1945",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1945"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
}
]
}

67
2020/2xxx/CVE-2020-2224.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2224",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Matrix Project Plugin",
"version": {
"version_data": [
{
"version_value": "1.16",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Matrix Project Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.16"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1924",
"url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1924",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1924"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
}
]
}

67
2020/2xxx/CVE-2020-2225.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2225",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Matrix Project Plugin",
"version": {
"version_data": [
{
"version_value": "1.16",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Matrix Project Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.16"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1925",
"url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1925",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1925"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
}
]
}

67
2020/2xxx/CVE-2020-2226.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2226",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Matrix Authorization Strategy Plugin",
"version": {
"version_data": [
{
"version_value": "2.6.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Matrix Authorization Strategy Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.6.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1909",
"url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1909",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1909"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
}
]
}

67
2020/2xxx/CVE-2020-2227.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2227",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Deployer Framework Plugin",
"version": {
"version_data": [
{
"version_value": "1.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Deployer Framework Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1915",
"url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1915",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1915"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
}
]
}

67
2020/2xxx/CVE-2020-2228.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2228",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Gitlab Authentication Plugin",
"version": {
"version_data": [
{
"version_value": "1.5",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Gitlab Authentication Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1792",
"url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1792",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1792"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
"url": "http://www.openwall.com/lists/oss-security/2020/07/15/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/07/15/5"
}
]
}

83
2020/2xxx/CVE-2020-2229.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2229",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.251",
"version_affected": "<="
},
{
"version_value": "LTS 2.235.3",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,28 +21,53 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.251"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1955",
"url": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1955",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200812 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html"
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1955"
},
{
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
},
{
"url": "http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html"
}
]
}

83
2020/2xxx/CVE-2020-2230.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2230",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.251",
"version_affected": "<="
},
{
"version_value": "LTS 2.235.3",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,28 +21,53 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.251"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1957",
"url": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1957",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200812 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html"
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1957"
},
{
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
},
{
"url": "http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html"
}
]
}

83
2020/2xxx/CVE-2020-2231.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2231",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.251",
"version_affected": "<="
},
{
"version_value": "LTS 2.235.3",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,28 +21,53 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.251"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1960",
"url": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1960",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200812 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/160616/Jenkins-2.251-LTS-2.235.3-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/160616/Jenkins-2.251-LTS-2.235.3-Cross-Site-Scripting.html"
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1960"
},
{
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
},
{
"url": "http://packetstormsecurity.com/files/160616/Jenkins-2.251-LTS-2.235.3-Cross-Site-Scripting.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/160616/Jenkins-2.251-LTS-2.235.3-Cross-Site-Scripting.html"
}
]
}

76
2020/2xxx/CVE-2020-2232.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2232",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Email Extension Plugin",
"version": {
"version_data": [
{
"version_value": "2.72",
"version_affected": ">="
},
{
"version_value": "2.73",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,53 @@
"description": [
{
"lang": "eng",
"value": "CWE-319: Cleartext Transmission of Sensitive Information"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Email Extension Plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.72",
"version_value": "unspecified"
},
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.73"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975",
"url": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200812 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
}
]
}

69
2020/2xxx/CVE-2020-2233.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2233",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Pipeline Maven Integration Plugin",
"version": {
"version_data": [
{
"version_value": "3.8.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Pipeline Maven Integration Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.8.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20(1)",
"url": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20(1)",
"refsource": "CONFIRM"
"url": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20%281%29",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20%281%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200812 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
}
]
}

69
2020/2xxx/CVE-2020-2234.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2234",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Pipeline Maven Integration Plugin",
"version": {
"version_data": [
{
"version_value": "3.8.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Pipeline Maven Integration Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.8.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20(2)",
"url": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20(2)",
"refsource": "CONFIRM"
"url": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20%282%29",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20%282%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200812 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
}
]
}

69
2020/2xxx/CVE-2020-2235.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2235",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Pipeline Maven Integration Plugin",
"version": {
"version_data": [
{
"version_value": "3.8.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Pipeline Maven Integration Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.8.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20(2)",
"url": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20(2)",
"refsource": "CONFIRM"
"url": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20%282%29",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1794%20%282%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200812 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
"url": "http://www.openwall.com/lists/oss-security/2020/08/12/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/08/12/4"
}
]
}

65
2021/21xxx/CVE-2021-21604.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21604",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.274",
"version_affected": "<="
},
{
"version_value": "LTS 2.263.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-502: Deserialization of Untrusted Data"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.274"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-1923",
"url": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-1923",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-1923"
}
]
}

65
2021/21xxx/CVE-2021-21605.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21605",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.274",
"version_affected": "<="
},
{
"version_value": "LTS 2.263.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.274"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2021",
"url": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2021",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2021"
}
]
}

74
2021/21xxx/CVE-2021-21606.json
View File

@ -1,44 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21606",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.242",
"version_affected": ">="
},
{
"version_value": "2.274",
"version_affected": "<="
},
{
"version_value": "LTS 2.263.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -53,18 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.242",
"version_value": "unspecified"
},
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.274"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2023",
"url": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2023",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2023"
}
]
}

65
2021/21xxx/CVE-2021-21607.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21607",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.274",
"version_affected": "<="
},
{
"version_value": "LTS 2.263.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-789: Memory Allocation with Excessive Size Value"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.274"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2025",
"url": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2025",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2025"
}
]
}

65
2021/21xxx/CVE-2021-21608.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21608",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.274",
"version_affected": "<="
},
{
"version_value": "LTS 2.263.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.274"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2035",
"url": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2035",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2035"
}
]
}

65
2021/21xxx/CVE-2021-21609.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21609",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.274",
"version_affected": "<="
},
{
"version_value": "LTS 2.263.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.274"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2047",
"url": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2047",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2047"
}
]
}

65
2021/21xxx/CVE-2021-21610.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21610",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.274",
"version_affected": "<="
},
{
"version_value": "LTS 2.263.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.274"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2153",
"url": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2153",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2153"
}
]
}

65
2021/21xxx/CVE-2021-21611.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21611",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.274",
"version_affected": "<="
},
{
"version_value": "LTS 2.263.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.274"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2171",
"url": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2171",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2171"
}
]
}

61
2021/21xxx/CVE-2021-21612.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21612",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins TraceTronic ECU-TEST Plugin",
"version": {
"version_data": [
{
"version_value": "2.23.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-256: Unprotected Storage of Credentials"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins TraceTronic ECU-TEST Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.23.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2057",
"url": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2057",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2057"
}
]
}

61
2021/21xxx/CVE-2021-21613.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21613",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins TICS Plugin",
"version": {
"version_data": [
{
"version_value": "2020.3.0.6",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins TICS Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2020.3.0.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2098",
"url": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2098",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2098"
}
]
}

61
2021/21xxx/CVE-2021-21614.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21614",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Bumblebee HP ALM Plugin",
"version": {
"version_data": [
{
"version_value": "4.1.5",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-256: Unprotected Storage of Credentials"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Bumblebee HP ALM Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "4.1.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2156",
"url": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2156",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2156"
}
]
}

74
2021/21xxx/CVE-2021-21615.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21615",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.275",
"version_affected": "="
},
{
"version_value": "LTS 2.263.2",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.275"
},
{
"version_affected": "=",
"version_value": "LTS 2.263.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-01-26/#SECURITY-2197",
"url": "https://www.jenkins.io/security/advisory/2021-01-26/#SECURITY-2197",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-01-26/#SECURITY-2197"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210126 Vulnerability in Jenkins",
"url": "http://www.openwall.com/lists/oss-security/2021/01/26/2"
"url": "http://www.openwall.com/lists/oss-security/2021/01/26/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/01/26/2"
}
]
}

67
2021/21xxx/CVE-2021-21616.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21616",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Active Choices Plugin",
"version": {
"version_data": [
{
"version_value": "2.5.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Active Choices Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.5.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-02-24/#SECURITY-2192",
"url": "https://www.jenkins.io/security/advisory/2021-02-24/#SECURITY-2192",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-02-24/#SECURITY-2192"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210224 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/02/24/3"
"url": "http://www.openwall.com/lists/oss-security/2021/02/24/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/02/24/3"
}
]
}

67
2021/21xxx/CVE-2021-21617.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21617",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Configuration Slicing Plugin",
"version": {
"version_data": [
{
"version_value": "1.51",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Configuration Slicing Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.51"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-02-24/#SECURITY-2003",
"url": "https://www.jenkins.io/security/advisory/2021-02-24/#SECURITY-2003",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-02-24/#SECURITY-2003"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210224 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/02/24/3"
"url": "http://www.openwall.com/lists/oss-security/2021/02/24/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/02/24/3"
}
]
}

79
2022/34xxx/CVE-2022-34183.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34183",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Agent Server Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "1.1",
"version_affected": "<="
},
{
"version_value": "1.1",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Agent Server Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.1",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

79
2022/34xxx/CVE-2022-34184.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34184",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins CRX Content Package Deployer Plugin",
"version": {
"version_data": [
{
"version_value": "1.9",
"version_affected": "<="
},
{
"version_value": "1.9",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins CRX Content Package Deployer Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.9",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

79
2022/34xxx/CVE-2022-34185.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34185",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Date Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "0.0.4",
"version_affected": "<="
},
{
"version_value": "0.0.4",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Date Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "0.0.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0.0.4",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

79
2022/34xxx/CVE-2022-34186.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34186",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Dynamic Extended Choice Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.1",
"version_affected": "<="
},
{
"version_value": "1.0.1",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Dynamic Extended Choice Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.0.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.0.1",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

79
2022/34xxx/CVE-2022-34187.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34187",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Filesystem List Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "0.0.7",
"version_affected": "<="
},
{
"version_value": "0.0.7",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Filesystem List Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "0.0.7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0.0.7",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

61
2022/34xxx/CVE-2022-34188.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34188",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Hidden Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "0.0.4",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Hidden Parameter Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "0.0.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

79
2022/34xxx/CVE-2022-34189.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34189",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Image Tag Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "1.10",
"version_affected": "<="
},
{
"version_value": "1.10",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Image Tag Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.10",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

79
2022/34xxx/CVE-2022-34190.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34190",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Maven Metadata Plugin for Jenkins CI server Plugin",
"version": {
"version_data": [
{
"version_value": "2.1",
"version_affected": "<="
},
{
"version_value": "2.1",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Maven Metadata Plugin for Jenkins CI server Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "2.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 2.1",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

79
2022/34xxx/CVE-2022-34191.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34191",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins NS-ND Integration Performance Publisher Plugin",
"version": {
"version_data": [
{
"version_value": "4.8.0.77",
"version_affected": "<="
},
{
"version_value": "4.8.0.77",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins NS-ND Integration Performance Publisher Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "4.8.0.77",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 4.8.0.77",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

79
2022/34xxx/CVE-2022-34192.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34192",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins ontrack Jenkins Plugin",
"version": {
"version_data": [
{
"version_value": "4.0.0",
"version_affected": "<="
},
{
"version_value": "4.0.0",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins ontrack Jenkins Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "4.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 4.0.0",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

79
2022/34xxx/CVE-2022-34193.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34193",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Package Version Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.1",
"version_affected": "<="
},
{
"version_value": "1.0.1",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Package Version Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.0.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.0.1",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

79
2022/34xxx/CVE-2022-34194.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34194",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Readonly Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.0",
"version_affected": "<="
},
{
"version_value": "1.0.0",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Readonly Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.0.0",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

79
2022/34xxx/CVE-2022-34195.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34195",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Repository Connector Plugin",
"version": {
"version_data": [
{
"version_value": "2.2.0",
"version_affected": "<="
},
{
"version_value": "2.2.0",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Repository Connector Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "2.2.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 2.2.0",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

61
2022/34xxx/CVE-2022-34196.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34196",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins REST List Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "1.5.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins REST List Parameter Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.5.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2784"
}
]
}

3
2023/3xxx/CVE-2023-3828.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3829.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3830.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3831.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3832.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3833.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3834.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3835.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3836.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3837.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"baseSeverity": "LOW"
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3838.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"baseSeverity": "LOW"
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3839.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4.3,
"vectorString": "AV:N/AC:H/Au:M/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:H/Au:M/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3840.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3841.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3842.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"baseSeverity": "MEDIUM"
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C"
}
]
}

92
2023/43xxx/CVE-2023-43508.json
View File

@ -1,17 +1,101 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-43508",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Vulnerabilities in the web-based management interface of\u00a0ClearPass Policy Manager allow an attacker with read-only\u00a0privileges to perform actions that change the state of the\u00a0ClearPass Policy Manager instance. Successful exploitation\u00a0of these vulnerabilities allow an attacker to complete\u00a0state-changing actions in the web-based management interface\u00a0that should not be allowed by their current level of\u00a0authorization on the platform."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hewlett Packard Enterprise (HPE)",
"product": {
"product_data": [
{
"product_name": "Aruba ClearPass Policy Manager",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "ClearPass Policy Manager 6.11.x: 6.11.4 and below",
"version_value": "<=6.11.4"
},
{
"version_affected": "=",
"version_value": "ClearPass Policy Manager 6.10.x: 6.10.8 with ClearPass 6.10.8 Cumulative Hotfix Patch 5 and below"
},
{
"version_affected": "=",
"version_value": "ClearPass Policy Manager 6.9.x: 6.9.13 with ClearPass 6.9.13 Cumulative Hotfix Patch 3 and below"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt",
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Mateusz Dabrowski (dbrwsky)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
]
}

92
2023/43xxx/CVE-2023-43509.json
View File

@ -1,17 +1,101 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-43509",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the web-based management interface of\u00a0ClearPass Policy Manager could allow an unauthenticated\u00a0remote attacker to send notifications to computers that are\u00a0running ClearPass OnGuard. These notifications can then be\u00a0used to phish users or trick them into downloading malicious\u00a0software."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hewlett Packard Enterprise (HPE)",
"product": {
"product_data": [
{
"product_name": "Aruba ClearPass Policy Manager",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "ClearPass Policy Manager 6.11.x: 6.11.4 and below",
"version_value": "<=6.11.4"
},
{
"version_affected": "=",
"version_value": "ClearPass Policy Manager 6.10.x: 6.10.8 with ClearPass 6.10.8 Cumulative Hotfix Patch 5 and below"
},
{
"version_affected": "=",
"version_value": "ClearPass Policy Manager 6.9.x: 6.9.13 with ClearPass 6.9.13 Cumulative Hotfix Patch 3 and below"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt",
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Luke Young (bugcrowd.com/bored-engineer)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
}
]
}

92
2023/43xxx/CVE-2023-43510.json
View File

@ -1,17 +1,101 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-43510",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the ClearPass Policy Manager web-based\u00a0management interface allows remote authenticated users to\u00a0run arbitrary commands on the underlying host. A successful\u00a0exploit could allow an attacker to execute arbitrary\u00a0commands as a non-privileged user on the underlying\u00a0operating system leading to partial system compromise."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hewlett Packard Enterprise (HPE)",
"product": {
"product_data": [
{
"product_name": "Aruba ClearPass Policy Manager",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "ClearPass Policy Manager 6.11.x: 6.11.4 and below",
"version_value": "<=6.11.4"
},
{
"version_affected": "=",
"version_value": "ClearPass Policy Manager 6.10.x: 6.10.8 with ClearPass 6.10.8 Cumulative Hotfix Patch 5 and below"
},
{
"version_affected": "=",
"version_value": "ClearPass Policy Manager 6.9.x: 6.9.13 with ClearPass 6.9.13 Cumulative Hotfix Patch 3 and below"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt",
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Daniel Jensen (@dozernz)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
]
}

85
2023/45xxx/CVE-2023-45837.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-45837",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in XYDAC Ultimate Taxonomy Manager plugin <=\u00a02.0 versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "XYDAC",
"product": {
"product_data": [
{
"product_name": "Ultimate Taxonomy Manager",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "2.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/ultimate-taxonomy-manager/wordpress-ultimate-taxonomy-manager-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/ultimate-taxonomy-manager/wordpress-ultimate-taxonomy-manager-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "thiennv (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
]
}

3
2023/5xxx/CVE-2023-5023.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5024.json
View File

@ -107,8 +107,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

84
2023/5xxx/CVE-2023-5721.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5721",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119 and Firefox ESR < 115.4."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Queued up rendering could have allowed websites to clickjack"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "119"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1830820",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1830820"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-45/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-45/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-46/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-46/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Kelsey Gilbert"
}
]
}

67
2023/5xxx/CVE-2023-5722.json
View File

@ -1,18 +1,75 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5722",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Origin size and header leakage"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "119"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1738426",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1738426"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-45/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-45/"
}
]
},
"credits": [
{
"lang": "en",
"value": "annevk"
}
]
}

67
2023/5xxx/CVE-2023-5723.json
View File

@ -1,18 +1,75 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5723",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An attacker with temporary script access to a site could have set a cookie containing invalid characters using `document.cookie` that could have led to unknown errors. This vulnerability affects Firefox < 119."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Invalid cookie characters could have led to unexpected errors"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "119"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1802057",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1802057"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-45/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-45/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Daniel Veditz"
}
]
}

84
2023/5xxx/CVE-2023-5724.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5724",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability affects Firefox < 119 and Firefox ESR < 115.4."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Large WebGL draw could have led to a crash"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "119"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1836705",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1836705"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-45/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-45/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-46/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-46/"
}
]
},
"credits": [
{
"lang": "en",
"value": "pwn2car"
}
]
}

84
2023/5xxx/CVE-2023-5725.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5725",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119 and Firefox ESR < 115.4."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "WebExtensions could open arbitrary URLs"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "119"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1845739",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1845739"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-45/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-45/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-46/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-46/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Shaheen Fazim"
}
]
}

101
2023/5xxx/CVE-2023-5726.json
View File

@ -1,18 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5726",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. \n*Note: This issue only affected macOS operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Full screen notification obscured by file open dialog on macOS"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "119"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846205",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1846205"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-45/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-45/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-46/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-46/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-47/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-47/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Edgar Chen and Hafiizh"
}
]
}

101
2023/5xxx/CVE-2023-5727.json
View File

@ -1,18 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5727",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. \n*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "119"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1847180",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1847180"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-45/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-45/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-46/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-46/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-47/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-47/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Marco Bonardo"
}
]
}

101
2023/5xxx/CVE-2023-5728.json
View File

@ -1,18 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5728",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper object tracking during GC in the JavaScript engine could have led to a crash."
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "119"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1852729",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1852729"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-45/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-45/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-46/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-46/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-47/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-47/"
}
]
},
"credits": [
{
"lang": "en",
"value": "anbu"
}
]
}

101
2023/5xxx/CVE-2023-5730.json
View File

@ -1,18 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5730",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "119"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836607%2C1840918%2C1848694%2C1848833%2C1850191%2C1850259%2C1852596%2C1853201%2C1854002%2C1855306%2C1855640%2C1856695",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836607%2C1840918%2C1848694%2C1848833%2C1850191%2C1850259%2C1852596%2C1853201%2C1854002%2C1855306%2C1855640%2C1856695"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-45/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-45/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-46/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-46/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-47/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-47/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Randell Jesup, Andrew McCreight, Jed Davis, and the Mozilla Fuzzing Team"
}
]
}

84
2023/5xxx/CVE-2023-5732.json
View File

@ -1,18 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5732",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox ESR < 115.4 and Thunderbird < 115.4."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Address bar spoofing via bidirectional characters"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1690979",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1690979"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-46/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-46/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-47/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-47/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Armin Ebert"
}
]
}

18
2023/5xxx/CVE-2023-5757.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5757",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/5xxx/CVE-2023-5758.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5758",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}