"-Synchronized-Data."

2025-06-12 02:05:39 +00:00 · 2021-11-04 18:01:14 +00:00 · 2021-11-04 18:01:14 +00:00 · 028b9a2c38
commit 028b9a2c38
parent 649b764701
7 changed files with 125 additions and 12 deletions
--- a/2021/21xxx/CVE-2021-21685.json
+++ b/2021/21xxx/CVE-2021-21685.json
@ -61,6 +61,11 @@
                "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
                "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
                "refsource": "CONFIRM"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins",
+                "url": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
            }
        ]
    }
--- a/2021/21xxx/CVE-2021-21695.json
+++ b/2021/21xxx/CVE-2021-21695.json
@ -61,6 +61,11 @@
                "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
                "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
                "refsource": "CONFIRM"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins",
+                "url": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
            }
        ]
    }
--- a/2021/21xxx/CVE-2021-21696.json
+++ b/2021/21xxx/CVE-2021-21696.json
@ -61,6 +61,11 @@
                "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2423",
                "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2423",
                "refsource": "CONFIRM"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins",
+                "url": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
            }
        ]
    }
--- a/2021/21xxx/CVE-2021-21697.json
+++ b/2021/21xxx/CVE-2021-21697.json
@ -61,6 +61,11 @@
                "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2428",
                "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2428",
                "refsource": "CONFIRM"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins",
+                "url": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
            }
        ]
    }
--- a/2021/21xxx/CVE-2021-21698.json
+++ b/2021/21xxx/CVE-2021-21698.json
@ -57,6 +57,11 @@
                "name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2506",
                "url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2506",
                "refsource": "CONFIRM"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins",
+                "url": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
            }
        ]
    }
--- a/2021/43xxx/CVE-2021-43281.json
+++ b/2021/43xxx/CVE-2021-43281.json
@ -1,17 +1,61 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
-        "ID": "CVE-2021-43281",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2021-43281",
+        "STATE": "PUBLIC"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "MyBB before 1.8.29 allows Remote Code Injection by an admin with the \"Can manage settings?\" permission. The Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type \"php\" with PHP code, executed on Change Settings pages."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "CONFIRM",
+                "name": "https://github.com/mybb/mybb/security/advisories/GHSA-8gxx-vmr9-h39p",
+                "url": "https://github.com/mybb/mybb/security/advisories/GHSA-8gxx-vmr9-h39p"
            }
        ]
    }
--- a/2021/43xxx/CVE-2021-43293.json
+++ b/2021/43xxx/CVE-2021-43293.json
@ -1,17 +1,61 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
-        "ID": "CVE-2021-43293",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2021-43293",
+        "STATE": "PUBLIC"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery (SSRF)."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.sonatype.com/hc/en-us/articles/4409326330003",
+                "url": "https://support.sonatype.com/hc/en-us/articles/4409326330003"
            }
        ]
    }