From 0edc539d830222e05a064ef219de017d96d87047 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 4 Mar 2020 21:01:10 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/7xxx/CVE-2020-7130.json | 50 +++++++++++++++++++++++++++-- 2020/8xxx/CVE-2020-8659.json | 61 ++++++++++++++++++++++++++++++++---- 2020/8xxx/CVE-2020-8661.json | 61 ++++++++++++++++++++++++++++++++---- 2020/8xxx/CVE-2020-8664.json | 61 ++++++++++++++++++++++++++++++++---- 4 files changed, 212 insertions(+), 21 deletions(-) diff --git a/2020/7xxx/CVE-2020-7130.json b/2020/7xxx/CVE-2020-7130.json index 58d5a13f589..fe3cb56caec 100644 --- a/2020/7xxx/CVE-2020-7130.json +++ b/2020/7xxx/CVE-2020-7130.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-7130", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE OneView Global Dashboard", + "version": { + "version_data": [ + { + "version_value": "1.9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote disclosure of information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf03987en_us", + "url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf03987en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HPE OneView Global Dashboard (OVGD) 1.9 has a remote information disclosure vulnerability. HPE OneView Global Dashboard - After Upgrade or Install of OVGD Version 1.9, Appliance Firewall May Leave Ports Open. This is resolved in OVGD 1.91 or later." } ] } diff --git a/2020/8xxx/CVE-2020-8659.json b/2020/8xxx/CVE-2020-8659.json index 274146e45e5..4bbb6592707 100644 --- a/2020/8xxx/CVE-2020-8659.json +++ b/2020/8xxx/CVE-2020-8659.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-8659", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-8659", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history", + "url": "https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history" + }, + { + "refsource": "MISC", + "name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-jwcm-4pwp-c2qv", + "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-jwcm-4pwp-c2qv" } ] } diff --git a/2020/8xxx/CVE-2020-8661.json b/2020/8xxx/CVE-2020-8661.json index 0922aceb92a..747f765c02b 100644 --- a/2020/8xxx/CVE-2020-8661.json +++ b/2020/8xxx/CVE-2020-8661.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-8661", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-8661", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history", + "url": "https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history" + }, + { + "refsource": "MISC", + "name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-36cq-ww7h-p4j7", + "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-36cq-ww7h-p4j7" } ] } diff --git a/2020/8xxx/CVE-2020-8664.json b/2020/8xxx/CVE-2020-8664.json index 52e559c765b..0e931ef60fd 100644 --- a/2020/8xxx/CVE-2020-8664.json +++ b/2020/8xxx/CVE-2020-8664.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-8664", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-8664", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the \u201cstatic\u201d part of the validation context to be not applied, even though it was visible in the active config dump." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history", + "url": "https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history" + }, + { + "refsource": "MISC", + "name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3x9m-pgmg-xpx8", + "url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3x9m-pgmg-xpx8" } ] }