"-Synchronized-Data."

CVE Team 2022-08-02 17:00:50 +00:00
parent dc6249de74
commit 0baf8505da
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
3 changed files with 175 additions and 167 deletions


@ -61,6 +61,11 @@
"url": "https://arinerron.com/blog/posts/6", "url": "https://arinerron.com/blog/posts/6",
"refsource": "MISC", "refsource": "MISC",
"name": "https://arinerron.com/blog/posts/6" "name": "https://arinerron.com/blog/posts/6"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167908/uftpd-2.10-Directory-Traversal.html",
"url": "http://packetstormsecurity.com/files/167908/uftpd-2.10-Directory-Traversal.html"
} }
] ]
} }
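Review bot: The added Packet Storm reference (the new object beginning `"refsource": "MISC"`) gives a cleartext `http://` address in both `name` and `url`, while the neighbouring reference in the same array uses `https://`. Anyone following the advisory link, or a tool that fetches references automatically, would do so over an unauthenticated channel; if the site serves the same path over TLS, prefer `"url": "https://packetstormsecurity.com/files/167908/uftpd-2.10-Directory-Traversal.html"` and the matching `name`. The new object also orders its keys `refsource`, `name`, `url` where the existing entry uses `url`, `refsource`, `name`; parsers do not care, but a consistent order keeps later diffs small. The record starts before this hunk, so its CVE ID is not visible here.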


@ -1,91 +1,94 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "product-cna@github.com", "ASSIGNER": "product-cna@github.com",
"ID": "CVE-2022-23733", "ID": "CVE-2022-23733",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "Stored XSS vulnerability in GitHub Enterprise Server leading to injection of arbitrary attributes" "TITLE": "Stored XSS vulnerability in GitHub Enterprise Server leading to injection of arbitrary attributes"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "GitHub Enterprise Server", "product_name": "GitHub Enterprise Server",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "<",
"version_name": "3.3", "version_name": "3.3",
"version_value": "3.3.11" "version_value": "3.3.11"
},
{
"version_affected": "<",
"version_name": "3.4",
"version_value": "3.4.6"
},
{
"version_affected": "<",
"version_name": "3.5",
"version_value": "3.5.3"
}
]
}
}
]
}, },
{ "vendor_name": "GitHub"
"version_affected": "<",
"version_name": "3.4",
"version_value": "3.4.6"
},
{
"version_affected": "<",
"version_name": "3.5",
"version_value": "3.5.3"
}
]
} }
}
] ]
},
"vendor_name": "GitHub"
} }
] },
} "credit": [
}, {
"credit": [
{
"lang": "eng",
"value": "None"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stored XSS vulnerability was identified in GitHub Enterprise Server that allowed the injection of arbitrary attributes. This injection was blocked by Github's Content Security Policy (CSP). This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.3.11, 3.4.6 and 3.5.3. This vulnerability was reported via the GitHub Bug Bounty program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng", "lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS) - Stored" "value": "None"
} }
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stored XSS vulnerability was identified in GitHub Enterprise Server that allowed the injection of arbitrary attributes. This injection was blocked by Github's Content Security Policy (CSP). This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.3.11, 3.4.6 and 3.5.3. This vulnerability was reported via the GitHub Bug Bounty program."
}
] ]
} },
] "problemtype": {
}, "problemtype_data": [
"references": { {
"reference_data": [ "description": [
{ {
"refsource": "CONFIRM", "lang": "eng",
"url": "https://docs.github.com/en/enterprise-server@3.3/admin/release-notes#3.3.11" "value": "CWE-79 Cross-site Scripting (XSS) - Stored"
}, }
{ ]
"refsource": "CONFIRM", }
"url": "https://docs.github.com/en/enterprise-server@3.4/admin/release-notes#3.4.6" ]
}, },
{ "references": {
"refsource": "CONFIRM", "reference_data": [
"url": "https://docs.github.com/en/enterprise-server@3.5/admin/release-notes#3.5.3" {
} "refsource": "MISC",
] "url": "https://docs.github.com/en/enterprise-server@3.3/admin/release-notes#3.3.11",
}, "name": "https://docs.github.com/en/enterprise-server@3.3/admin/release-notes#3.3.11"
"source": { },
"discovery": "EXTERNAL" {
} "refsource": "MISC",
"url": "https://docs.github.com/en/enterprise-server@3.4/admin/release-notes#3.4.6",
"name": "https://docs.github.com/en/enterprise-server@3.4/admin/release-notes#3.4.6"
},
{
"refsource": "MISC",
"url": "https://docs.github.com/en/enterprise-server@3.5/admin/release-notes#3.5.3",
"name": "https://docs.github.com/en/enterprise-server@3.5/admin/release-notes#3.5.3"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
} }
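Review bot: The `version_data` array on the new side still lists only the 3.3, 3.4 and 3.5 branches (`< 3.3.11`, `< 3.4.6`, `< 3.5.3`), while the `description` states that the issue affected all versions of GitHub Enterprise Server prior to 3.6. A consumer that reads each entry as scoped to its `version_name` branch would not flag releases older than 3.3, so either add an entry covering the earlier releases or narrow the description, whichever the CNA confirms. The rewrite also appears to change the three vendor release-note references from `"refsource": "CONFIRM"` to `"refsource": "MISC"`, which drops the signal that these links are the vendor's own confirmation. Separately, `"credit"` still carries the placeholder string `"None"`; omitting the key would be clearer than a sentinel value.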


@ -1,89 +1,89 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@huntr.dev", "ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-2631", "ID": "CVE-2022-2631",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "Improper Access Control in tooljet/tooljet" "TITLE": "Improper Access Control in tooljet/tooljet"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "tooljet/tooljet", "product_name": "tooljet/tooljet",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_affected": "<",
"version_value": "v1.19.0" "version_value": "v1.19.0"
} }
] ]
}
}
]
},
"vendor_name": "tooljet"
} }
}
] ]
},
"vendor_name": "tooljet"
} }
] },
} "data_format": "MITRE",
}, "data_type": "CVE",
"data_format": "MITRE", "data_version": "4.0",
"data_type": "CVE", "description": {
"data_version": "4.0", "description_data": [
"description": { {
"description_data": [ "lang": "eng",
{ "value": "Improper Access Control in GitHub repository tooljet/tooljet prior to v1.19.0."
"lang": "eng", }
"value": "Improper Access Control in GitHub repository tooljet/tooljet prior to v1.19.0."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
] ]
} },
] "impact": {
}, "cvss": {
"references": { "attackComplexity": "LOW",
"reference_data": [ "attackVector": "NETWORK",
{ "availabilityImpact": "HIGH",
"name": "https://huntr.dev/bounties/86881f9e-ca48-49b5-9782-3c406316930c", "baseScore": 9.8,
"refsource": "CONFIRM", "baseSeverity": "CRITICAL",
"url": "https://huntr.dev/bounties/86881f9e-ca48-49b5-9782-3c406316930c" "confidentialityImpact": "HIGH",
}, "integrityImpact": "HIGH",
{ "privilegesRequired": "NONE",
"name": "https://github.com/tooljet/tooljet/commit/b9fa229bcae356cbb33300b31483e97e6ea140a7", "scope": "UNCHANGED",
"refsource": "MISC", "userInteraction": "NONE",
"url": "https://github.com/tooljet/tooljet/commit/b9fa229bcae356cbb33300b31483e97e6ea140a7" "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
} "version": "3.0"
] }
}, },
"source": { "problemtype": {
"advisory": "86881f9e-ca48-49b5-9782-3c406316930c", "problemtype_data": [
"discovery": "EXTERNAL" {
} "description": [
} {
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/86881f9e-ca48-49b5-9782-3c406316930c",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/86881f9e-ca48-49b5-9782-3c406316930c"
},
{
"name": "https://github.com/tooljet/tooljet/commit/b9fa229bcae356cbb33300b31483e97e6ea140a7",
"refsource": "MISC",
"url": "https://github.com/tooljet/tooljet/commit/b9fa229bcae356cbb33300b31483e97e6ea140a7"
}
]
},
"source": {
"advisory": "86881f9e-ca48-49b5-9782-3c406316930c",
"discovery": "EXTERNAL"
}
}