"-Synchronized-Data."

2025-05-06 10:41:46 +00:00 · 2021-08-16 08:01:01 +00:00 · 2021-08-16 08:01:01 +00:00 · 034b2b68c4
commit 034b2b68c4
parent ddf830378d
3 changed files with 20 additions and 15 deletions
--- a/2021/23xxx/CVE-2021-23423.json
+++ b/2021/23xxx/CVE-2021-23423.json
@ -48,12 +48,14 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://snyk.io/vuln/SNYK-PYTHON-BIKESHED-1537647"
+                "refsource": "MISC",
+                "url": "https://snyk.io/vuln/SNYK-PYTHON-BIKESHED-1537647",
+                "name": "https://snyk.io/vuln/SNYK-PYTHON-BIKESHED-1537647"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd"
+                "refsource": "MISC",
+                "url": "https://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd",
+                "name": "https://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd"
            }
        ]
    },
@ -61,7 +63,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "This affects the package bikeshed before 3.0.0.\n This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output.\n"
+                "value": "This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output."
            }
        ]
    },
--- a/2021/33xxx/CVE-2021-33193.json
+++ b/2021/33xxx/CVE-2021-33193.json
@ -42,7 +42,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning.\nThis issue affects Apache HTTP Server 2.4.17 to 2.4.48."
+                "value": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48."
            }
        ]
    },
@ -69,12 +69,14 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://portswigger.net/research/http2"
+                "refsource": "MISC",
+                "url": "https://portswigger.net/research/http2",
+                "name": "https://portswigger.net/research/http2"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch"
+                "refsource": "MISC",
+                "url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch",
+                "name": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch"
            }
        ]
    },
@ -93,4 +95,4 @@
            "value": "public"
        }
    ]
-}
+}
--- a/2021/35xxx/CVE-2021-35936.json
+++ b/2021/35xxx/CVE-2021-35936.json
@ -43,7 +43,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "If remote logging is not used, the worker (in the case of CeleryExecutor) or the scheduler (in the case of LocalExecutor) runs a Flask logging server and is listening on a specific port and also binds on 0.0.0.0 by default.\nThis logging server had no authentication and allows reading log files of DAG jobs.\n\nThis issue affects Apache Airflow < 2.1.2."
+                "value": "If remote logging is not used, the worker (in the case of CeleryExecutor) or the scheduler (in the case of LocalExecutor) runs a Flask logging server and is listening on a specific port and also binds on 0.0.0.0 by default. This logging server had no authentication and allows reading log files of DAG jobs. This issue affects Apache Airflow < 2.1.2."
            }
        ]
    },
@ -68,8 +68,9 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://lists.apache.org/thread.html/r53d6bd7b0a66f92ddaf1313282f10fec802e71246606dd30c16536df%40%3Cusers.airflow.apache.org%3E"
+                "refsource": "MISC",
+                "url": "https://lists.apache.org/thread.html/r53d6bd7b0a66f92ddaf1313282f10fec802e71246606dd30c16536df%40%3Cusers.airflow.apache.org%3E",
+                "name": "https://lists.apache.org/thread.html/r53d6bd7b0a66f92ddaf1313282f10fec802e71246606dd30c16536df%40%3Cusers.airflow.apache.org%3E"
            }
        ]
    },
@ -82,4 +83,4 @@
            "value": "Use remote logging with GCS, S3, Elasticsearch etc. This is recommended for production environments.\n\nAnd do not publicly expose any other ports apart from Webserver port, Flower port etc."
        }
    ]
-}
+}