diff --git a/2020/14xxx/CVE-2020-14556.json b/2020/14xxx/CVE-2020-14556.json index 054f8ab1ee8..5fb67f5ca26 100644 --- a/2020/14xxx/CVE-2020-14556.json +++ b/2020/14xxx/CVE-2020-14556.json @@ -93,6 +93,16 @@ "refsource": "DEBIAN", "name": "DSA-4734", "url": "https://www.debian.org/security/2020/dsa-4734" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-508df53719", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-93cc9c3ef2", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/" } ] } diff --git a/2020/14xxx/CVE-2020-14562.json b/2020/14xxx/CVE-2020-14562.json index 3db4f6728dc..37b4d215ee1 100644 --- a/2020/14xxx/CVE-2020-14562.json +++ b/2020/14xxx/CVE-2020-14562.json @@ -84,6 +84,11 @@ "refsource": "DEBIAN", "name": "DSA-4734", "url": "https://www.debian.org/security/2020/dsa-4734" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-93cc9c3ef2", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/" } ] } diff --git a/2020/14xxx/CVE-2020-14573.json b/2020/14xxx/CVE-2020-14573.json index baa5643a17d..7030f073794 100644 --- a/2020/14xxx/CVE-2020-14573.json +++ b/2020/14xxx/CVE-2020-14573.json @@ -84,6 +84,11 @@ "refsource": "DEBIAN", "name": "DSA-4734", "url": "https://www.debian.org/security/2020/dsa-4734" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-93cc9c3ef2", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/" } ] } diff --git a/2020/14xxx/CVE-2020-14577.json b/2020/14xxx/CVE-2020-14577.json index 5dcdb609a3b..4b40833ca1b 100644 --- a/2020/14xxx/CVE-2020-14577.json +++ b/2020/14xxx/CVE-2020-14577.json @@ -93,6 +93,16 @@ "refsource": "DEBIAN", "name": "DSA-4734", "url": "https://www.debian.org/security/2020/dsa-4734" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-508df53719", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-93cc9c3ef2", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/" } ] } diff --git a/2020/14xxx/CVE-2020-14578.json b/2020/14xxx/CVE-2020-14578.json index 758a5a7d458..789690dbd63 100644 --- a/2020/14xxx/CVE-2020-14578.json +++ b/2020/14xxx/CVE-2020-14578.json @@ -83,6 +83,11 @@ "refsource": "DEBIAN", "name": "DSA-4734", "url": "https://www.debian.org/security/2020/dsa-4734" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-508df53719", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/" } ] } diff --git a/2020/14xxx/CVE-2020-14579.json b/2020/14xxx/CVE-2020-14579.json index 81ce3b01d75..69a8e99d4c3 100644 --- a/2020/14xxx/CVE-2020-14579.json +++ b/2020/14xxx/CVE-2020-14579.json @@ -83,6 +83,11 @@ "refsource": "DEBIAN", "name": "DSA-4734", "url": "https://www.debian.org/security/2020/dsa-4734" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-508df53719", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/" } ] } diff --git a/2020/14xxx/CVE-2020-14581.json b/2020/14xxx/CVE-2020-14581.json index f4485f88ff0..7cefdfbb95a 100644 --- a/2020/14xxx/CVE-2020-14581.json +++ b/2020/14xxx/CVE-2020-14581.json @@ -93,6 +93,16 @@ "refsource": "DEBIAN", "name": "DSA-4734", "url": "https://www.debian.org/security/2020/dsa-4734" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-508df53719", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-93cc9c3ef2", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/" } ] } diff --git a/2020/14xxx/CVE-2020-14583.json b/2020/14xxx/CVE-2020-14583.json index eccb4c843c6..936693c73b3 100644 --- a/2020/14xxx/CVE-2020-14583.json +++ b/2020/14xxx/CVE-2020-14583.json @@ -93,6 +93,16 @@ "refsource": "DEBIAN", "name": "DSA-4734", "url": "https://www.debian.org/security/2020/dsa-4734" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-508df53719", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-93cc9c3ef2", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/" } ] } diff --git a/2020/14xxx/CVE-2020-14593.json b/2020/14xxx/CVE-2020-14593.json index a4ba5edbb0a..e1127084e58 100644 --- a/2020/14xxx/CVE-2020-14593.json +++ b/2020/14xxx/CVE-2020-14593.json @@ -93,6 +93,16 @@ "refsource": "DEBIAN", "name": "DSA-4734", "url": "https://www.debian.org/security/2020/dsa-4734" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-508df53719", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-93cc9c3ef2", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/" } ] } diff --git a/2020/14xxx/CVE-2020-14621.json b/2020/14xxx/CVE-2020-14621.json index b5010cdbdc8..799d972d89d 100644 --- a/2020/14xxx/CVE-2020-14621.json +++ b/2020/14xxx/CVE-2020-14621.json @@ -93,6 +93,16 @@ "refsource": "DEBIAN", "name": "DSA-4734", "url": "https://www.debian.org/security/2020/dsa-4734" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-508df53719", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFZ36XIW5ENQAW6BB7WHRFFTTJX7KGMR/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-93cc9c3ef2", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEPHBZPNSLX43B26DWKB7OS6AROTS2BO/" } ] } diff --git a/2020/15xxx/CVE-2020-15586.json b/2020/15xxx/CVE-2020-15586.json index c9f0f5c34aa..d9bb9eb217a 100644 --- a/2020/15xxx/CVE-2020-15586.json +++ b/2020/15xxx/CVE-2020-15586.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1095", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-d75360e2b0", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/" } ] } diff --git a/2020/15xxx/CVE-2020-15803.json b/2020/15xxx/CVE-2020-15803.json index 7629b577e55..bf788b514c1 100644 --- a/2020/15xxx/CVE-2020-15803.json +++ b/2020/15xxx/CVE-2020-15803.json @@ -56,6 +56,11 @@ "url": "https://support.zabbix.com/browse/ZBX-18057", "refsource": "MISC", "name": "https://support.zabbix.com/browse/ZBX-18057" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-519516feec", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/" } ] } diff --git a/2020/15xxx/CVE-2020-15899.json b/2020/15xxx/CVE-2020-15899.json index b6ad328520e..f6f63566452 100644 --- a/2020/15xxx/CVE-2020-15899.json +++ b/2020/15xxx/CVE-2020-15899.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-15899", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-15899", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Grin 3.0.0 before 4.0.0 has insufficient validation of data related to Mimblewimble." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/mimblewimble/grin/compare/v3.1.1...v4.0.0", + "refsource": "MISC", + "name": "https://github.com/mimblewimble/grin/compare/v3.1.1...v4.0.0" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/mimblewimble/grin-security/blob/master/CVEs/CVE-2020-15899.md", + "url": "https://github.com/mimblewimble/grin-security/blob/master/CVEs/CVE-2020-15899.md" } ] } diff --git a/2020/15xxx/CVE-2020-15900.json b/2020/15xxx/CVE-2020-15900.json index 9455574a0bb..e96e5ac67bc 100644 --- a/2020/15xxx/CVE-2020-15900.json +++ b/2020/15xxx/CVE-2020-15900.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "A memory corruption issue was found in Artifex Ghostscript 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b." + "value": "A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b." } ] }, @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "https://github.com/ArtifexSoftware/ghostpdl/commit/5d499272b95a6b890a1397e11d20937de000d31b", "url": "https://github.com/ArtifexSoftware/ghostpdl/commit/5d499272b95a6b890a1397e11d20937de000d31b" + }, + { + "refsource": "CONFIRM", + "name": "https://artifex.com/security-advisories/CVE-2020-15900", + "url": "https://artifex.com/security-advisories/CVE-2020-15900" } ] } diff --git a/2020/3xxx/CVE-2020-3327.json b/2020/3xxx/CVE-2020-3327.json index 9b014e05d5e..1c9d7d7537a 100644 --- a/2020/3xxx/CVE-2020-3327.json +++ b/2020/3xxx/CVE-2020-3327.json @@ -119,6 +119,16 @@ "refsource": "GENTOO", "name": "GLSA-202007-23", "url": "https://security.gentoo.org/glsa/202007-23" + }, + { + "refsource": "UBUNTU", + "name": "USN-4435-1", + "url": "https://usn.ubuntu.com/4435-1/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-dd0c20d985", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/" } ] }, diff --git a/2020/3xxx/CVE-2020-3350.json b/2020/3xxx/CVE-2020-3350.json index fae4c74a368..54f7d26a3c5 100644 --- a/2020/3xxx/CVE-2020-3350.json +++ b/2020/3xxx/CVE-2020-3350.json @@ -76,6 +76,16 @@ "refsource": "GENTOO", "name": "GLSA-202007-23", "url": "https://security.gentoo.org/glsa/202007-23" + }, + { + "refsource": "UBUNTU", + "name": "USN-4435-1", + "url": "https://usn.ubuntu.com/4435-1/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-dd0c20d985", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/" } ] }, diff --git a/2020/3xxx/CVE-2020-3481.json b/2020/3xxx/CVE-2020-3481.json index 6d7777b6abf..8d4cc4bb9d7 100644 --- a/2020/3xxx/CVE-2020-3481.json +++ b/2020/3xxx/CVE-2020-3481.json @@ -80,6 +80,16 @@ "refsource": "GENTOO", "name": "GLSA-202007-23", "url": "https://security.gentoo.org/glsa/202007-23" + }, + { + "refsource": "UBUNTU", + "name": "USN-4435-1", + "url": "https://usn.ubuntu.com/4435-1/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-dd0c20d985", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/" } ] }, diff --git a/2020/7xxx/CVE-2020-7685.json b/2020/7xxx/CVE-2020-7685.json index 89d7852ab72..7eafc643048 100644 --- a/2020/7xxx/CVE-2020-7685.json +++ b/2020/7xxx/CVE-2020-7685.json @@ -48,8 +48,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765", + "name": "https://snyk.io/vuln/SNYK-DOTNET-UMBRACOFORMS-595765" } ] }, @@ -57,7 +58,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects all versions of package UmbracoForms.\n When using the default configuration for upload forms, it is possible to upload arbitrary file types.\r\n\r\nThe package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies.\r\n\r\n" + "value": "This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that blocks certain file types, depending on their security needs and policies." } ] },