diff --git a/2020/25xxx/CVE-2020-25639.json b/2020/25xxx/CVE-2020-25639.json index 1297e1d6403..74b8765d8d0 100644 --- a/2020/25xxx/CVE-2020-25639.json +++ b/2020/25xxx/CVE-2020-25639.json @@ -48,6 +48,16 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1876995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1876995" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-1db4ab0a3d", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HE4CT3NL6OEBRRBUKHIX63GLNVOWCVRW/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-a2d3ad5dda", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUCBCKRHWP3UD2AVVYQJE7BIJEMCMXW5/" } ] }, diff --git a/2020/26xxx/CVE-2020-26196.json b/2020/26xxx/CVE-2020-26196.json index 51ba2c506e8..fdacde337a5 100644 --- a/2020/26xxx/CVE-2020-26196.json +++ b/2020/26xxx/CVE-2020-26196.json @@ -1,10 +1,10 @@ { "CVE_data_meta": { - "ASSIGNER": "secure@dell.com", - "DATE_PUBLIC": "2021-02-08", - "ID": "CVE-2020-26196", + "ASSIGNER": "secure@dell.com", + "DATE_PUBLIC": "2021-02-08", + "ID": "CVE-2020-26196", "STATE": "PUBLIC" - }, + }, "affects": { "vendor": { "vendor_data": [ @@ -12,59 +12,60 @@ "product": { "product_data": [ { - "product_name": "PowerScale OneFS", + "product_name": "PowerScale OneFS", "version": { "version_data": [ { - "version_affected": "<", + "version_affected": "<", "version_value": "8.1.2, 8.2.1, 8.2.2, 9.0.0" } ] } } ] - }, + }, "vendor_name": "Dell" } ] } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { - "lang": "eng", + "lang": "eng", "value": "Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation issue. A user with the BackupAdmin role may potentially exploit this vulnerability resulting in the ability to write data outside of the intended file system location." } ] - }, + }, "impact": { "cvss": { - "baseScore": 5.5, - "baseSeverity": "Medium", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 5.5, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } - }, + }, "problemtype": { "problemtype_data": [ { "description": [ { - "lang": "eng", + "lang": "eng", "value": "CWE-732: Incorrect Permission Assignment for Critical Resource" } ] } ] - }, + }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities" + "refsource": "MISC", + "url": "https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities", + "name": "https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities" } ] } diff --git a/2020/27xxx/CVE-2020-27575.json b/2020/27xxx/CVE-2020-27575.json index 43a1f53bc47..4040cb54f58 100644 --- a/2020/27xxx/CVE-2020-27575.json +++ b/2020/27xxx/CVE-2020-27575.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-27575", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-27575", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://maxum.com", + "refsource": "MISC", + "name": "http://maxum.com" + }, + { + "refsource": "MISC", + "name": "https://tvrbk.github.io/cve/2021/03/07/rumpus.html", + "url": "https://tvrbk.github.io/cve/2021/03/07/rumpus.html" } ] } diff --git a/2020/27xxx/CVE-2020-27576.json b/2020/27xxx/CVE-2020-27576.json index b9f62e91254..22d583fd1b4 100644 --- a/2020/27xxx/CVE-2020-27576.json +++ b/2020/27xxx/CVE-2020-27576.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-27576", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-27576", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://maxum.com", + "refsource": "MISC", + "name": "http://maxum.com" + }, + { + "refsource": "MISC", + "name": "https://tvrbk.github.io/cve/2021/03/07/rumpus.html", + "url": "https://tvrbk.github.io/cve/2021/03/07/rumpus.html" } ] } diff --git a/2020/27xxx/CVE-2020-27838.json b/2020/27xxx/CVE-2020-27838.json index f7f75a1e84e..15f772eab41 100644 --- a/2020/27xxx/CVE-2020-27838.json +++ b/2020/27xxx/CVE-2020-27838.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-27838", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "keycloak", + "version": { + "version_data": [ + { + "version_value": "keycloak 13.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-287" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1906797", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906797" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients (like client secret) without authentication which could be an issue if the same PUBLIC client changed to CONFIDENTIAL later. The highest threat from this vulnerability is to data confidentiality." } ] } diff --git a/2021/21xxx/CVE-2021-21337.json b/2021/21xxx/CVE-2021-21337.json index d8c7885bd00..0bd8d464555 100644 --- a/2021/21xxx/CVE-2021-21337.json +++ b/2021/21xxx/CVE-2021-21337.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an open redirect vulnerability. A maliciously crafted link to the login form and login functionality could redirect the browser to a different website. The problem has been fixed in version 2.6.1. Depending on how you have installed Products.PluggableAuthService, you should change the buildout version pin to `2.6.1` and re-run the buildout, or if you used `pip` simply do `pip install \"Products.PluggableAuthService>=2.6.1\"." + "value": "Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an open redirect vulnerability. A maliciously crafted link to the login form and login functionality could redirect the browser to a different website. The problem has been fixed in version 2.6.1. Depending on how you have installed Products.PluggableAuthService, you should change the buildout version pin to `2.6.1` and re-run the buildout, or if you used `pip` simply do `pip install \"Products.PluggableAuthService>=2.6.1\"." } ] }, @@ -69,16 +69,16 @@ }, "references": { "reference_data": [ - { - "name": "https://github.com/zopefoundation/Products.PluggableAuthService/security/advisories/GHSA-p44j-xrqg-4xrr", - "refsource": "CONFIRM", - "url": "https://github.com/zopefoundation/Products.PluggableAuthService/security/advisories/GHSA-p44j-xrqg-4xrr" - }, { "name": "https://pypi.org/project/Products.PluggableAuthService/", "refsource": "MISC", "url": "https://pypi.org/project/Products.PluggableAuthService/" }, + { + "name": "https://github.com/zopefoundation/Products.PluggableAuthService/security/advisories/GHSA-p44j-xrqg-4xrr", + "refsource": "CONFIRM", + "url": "https://github.com/zopefoundation/Products.PluggableAuthService/security/advisories/GHSA-p44j-xrqg-4xrr" + }, { "name": "https://github.com/zopefoundation/Products.PluggableAuthService/commit/7eead067898852ebd3e0f143bc51295928528dfa", "refsource": "MISC", diff --git a/2021/21xxx/CVE-2021-21502.json b/2021/21xxx/CVE-2021-21502.json index d75a8b1ffa0..c060a5840b2 100644 --- a/2021/21xxx/CVE-2021-21502.json +++ b/2021/21xxx/CVE-2021-21502.json @@ -1,10 +1,10 @@ { "CVE_data_meta": { - "ASSIGNER": "secure@dell.com", - "DATE_PUBLIC": "2021-02-08", - "ID": "CVE-2021-21502", + "ASSIGNER": "secure@dell.com", + "DATE_PUBLIC": "2021-02-08", + "ID": "CVE-2021-21502", "STATE": "PUBLIC" - }, + }, "affects": { "vendor": { "vendor_data": [ @@ -12,59 +12,60 @@ "product": { "product_data": [ { - "product_name": "PowerScale OneFS", + "product_name": "PowerScale OneFS", "version": { "version_data": [ { - "version_affected": "<", + "version_affected": "<", "version_value": "8.1.2 / 8.2.2 / 9.1.0.x / Empire / Main" } ] } } ] - }, + }, "vendor_name": "Dell" } ] } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { - "lang": "eng", + "lang": "eng", "value": "Dell PowerScale OneFS versions 8.1.0 \u2013 9.1.0 contain a \"use of SSH key past account expiration\" vulnerability. A user on the network with the ISI_PRIV_AUTH_SSH RBAC privilege that has an expired account may potentially exploit this vulnerability, giving them access to the same things they had before account expiration. This may by a high privileged account and hence Dell recommends customers upgrade at the earliest opportunity." } ] - }, + }, "impact": { "cvss": { - "baseScore": 9.8, - "baseSeverity": "Critical", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } - }, + }, "problemtype": { "problemtype_data": [ { "description": [ { - "lang": "eng", + "lang": "eng", "value": "Other" } ] } ] - }, + }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities" + "refsource": "MISC", + "url": "https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities", + "name": "https://www.dell.com/support/kbdoc/en-us/000182873/dsa-2021-009-dell-powerscale-onefs-security-update-for-multiple-vulnerabilities" } ] } diff --git a/2021/21xxx/CVE-2021-21503.json b/2021/21xxx/CVE-2021-21503.json index 31fbb69e049..2b17a64828f 100644 --- a/2021/21xxx/CVE-2021-21503.json +++ b/2021/21xxx/CVE-2021-21503.json @@ -1,10 +1,10 @@ { "CVE_data_meta": { - "ASSIGNER": "secure@dell.com", - "DATE_PUBLIC": "2021-02-26", - "ID": "CVE-2021-21503", + "ASSIGNER": "secure@dell.com", + "DATE_PUBLIC": "2021-02-26", + "ID": "CVE-2021-21503", "STATE": "PUBLIC" - }, + }, "affects": { "vendor": { "vendor_data": [ @@ -12,59 +12,60 @@ "product": { "product_data": [ { - "product_name": "PowerScale OneFS", + "product_name": "PowerScale OneFS", "version": { "version_data": [ { - "version_affected": "<", + "version_affected": "<", "version_value": "8.1.2, 8.2.2,9.1.0.x,EMPIRE (9.2.0), GOTHAM" } ] } } ] - }, + }, "vendor_name": "Dell" } ] } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { - "lang": "eng", + "lang": "eng", "value": "PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially exploit this vulnerability, leading to potential privileges escalation." } ] - }, + }, "impact": { "cvss": { - "baseScore": 7.8, - "baseSeverity": "High", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } - }, + }, "problemtype": { "problemtype_data": [ { "description": [ { - "lang": "eng", + "lang": "eng", "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" } ] } ] - }, + }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/kbdoc/000183717" + "refsource": "MISC", + "url": "https://www.dell.com/support/kbdoc/000183717", + "name": "https://www.dell.com/support/kbdoc/000183717" } ] } diff --git a/2021/21xxx/CVE-2021-21506.json b/2021/21xxx/CVE-2021-21506.json index acc2e988cf9..3dff55ba03a 100644 --- a/2021/21xxx/CVE-2021-21506.json +++ b/2021/21xxx/CVE-2021-21506.json @@ -1,10 +1,10 @@ { "CVE_data_meta": { - "ASSIGNER": "secure@dell.com", - "DATE_PUBLIC": "2021-02-26", - "ID": "CVE-2021-21506", + "ASSIGNER": "secure@dell.com", + "DATE_PUBLIC": "2021-02-26", + "ID": "CVE-2021-21506", "STATE": "PUBLIC" - }, + }, "affects": { "vendor": { "vendor_data": [ @@ -12,59 +12,60 @@ "product": { "product_data": [ { - "product_name": "PowerScale OneFS", + "product_name": "PowerScale OneFS", "version": { "version_data": [ { - "version_affected": "<", + "version_affected": "<", "version_value": "8.1.2, 8.2.2,9.1.0.x,EMPIRE (9.2.0), GOTHAM" } ] } } ] - }, + }, "vendor_name": "Dell" } ] } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { - "lang": "eng", + "lang": "eng", "value": "PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in its API handler. An un-authtenticated with ISI_PRIV_SYS_SUPPORT and ISI_PRIV_LOGIN_PAPI privileges could potentially exploit this vulnerability, leading to potential privileges escalation." } ] - }, + }, "impact": { "cvss": { - "baseScore": 8.8, - "baseSeverity": "High", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } - }, + }, "problemtype": { "problemtype_data": [ { "description": [ { - "lang": "eng", + "lang": "eng", "value": "Other" } ] } ] - }, + }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/kbdoc/000183717" + "refsource": "MISC", + "url": "https://www.dell.com/support/kbdoc/000183717", + "name": "https://www.dell.com/support/kbdoc/000183717" } ] } diff --git a/2021/21xxx/CVE-2021-21510.json b/2021/21xxx/CVE-2021-21510.json index 96fd02790ce..cc83e96e06d 100644 --- a/2021/21xxx/CVE-2021-21510.json +++ b/2021/21xxx/CVE-2021-21510.json @@ -1,10 +1,10 @@ { "CVE_data_meta": { - "ASSIGNER": "secure@dell.com", - "DATE_PUBLIC": "2021-03-04", - "ID": "CVE-2021-21510", + "ASSIGNER": "secure@dell.com", + "DATE_PUBLIC": "2021-03-04", + "ID": "CVE-2021-21510", "STATE": "PUBLIC" - }, + }, "affects": { "vendor": { "vendor_data": [ @@ -12,59 +12,60 @@ "product": { "product_data": [ { - "product_name": "Integrated Dell Remote Access Controller (iDRAC)", + "product_name": "Integrated Dell Remote Access Controller (iDRAC)", "version": { "version_data": [ { - "version_affected": "<", + "version_affected": "<", "version_value": "2.75.100.75" } ] } } ] - }, + }, "vendor_name": "Dell" } ] } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { - "lang": "eng", - "value": "Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web-cache or trigger redirections. \t" + "lang": "eng", + "value": "Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web-cache or trigger redirections." } ] - }, + }, "impact": { "cvss": { - "baseScore": 6.1, - "baseSeverity": "Medium", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" } - }, + }, "problemtype": { "problemtype_data": [ { "description": [ { - "lang": "eng", + "lang": "eng", "value": "CWE-20: Improper Input Validation" } ] } ] - }, + }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/kbdoc/en-us/000183758/dsa-2021-041-dell-emc-idrac-8-security-update-for-a-host-header-injection-vulnerability" + "refsource": "MISC", + "url": "https://www.dell.com/support/kbdoc/en-us/000183758/dsa-2021-041-dell-emc-idrac-8-security-update-for-a-host-header-injection-vulnerability", + "name": "https://www.dell.com/support/kbdoc/en-us/000183758/dsa-2021-041-dell-emc-idrac-8-security-update-for-a-host-header-injection-vulnerability" } ] } diff --git a/2021/27xxx/CVE-2021-27803.json b/2021/27xxx/CVE-2021-27803.json index 82c6e921253..1e9183a9a23 100644 --- a/2021/27xxx/CVE-2021-27803.json +++ b/2021/27xxx/CVE-2021-27803.json @@ -81,6 +81,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210302 [SECURITY] [DLA 2581-1] wpa security update", "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00003.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-99cad2b81f", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZGUR5XFHATVXTRAEJMODS7ROYHA56NX/" } ] } diff --git a/2021/28xxx/CVE-2021-28097.json b/2021/28xxx/CVE-2021-28097.json new file mode 100644 index 00000000000..cf76b632275 --- /dev/null +++ b/2021/28xxx/CVE-2021-28097.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-28097", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28098.json b/2021/28xxx/CVE-2021-28098.json new file mode 100644 index 00000000000..0a79a81d7c5 --- /dev/null +++ b/2021/28xxx/CVE-2021-28098.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-28098", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3405.json b/2021/3xxx/CVE-2021-3405.json index d1e2b7cba32..de2011c4708 100644 --- a/2021/3xxx/CVE-2021-3405.json +++ b/2021/3xxx/CVE-2021-3405.json @@ -48,6 +48,16 @@ "refsource": "MISC", "name": "https://github.com/Matroska-Org/libebml/issues/74", "url": "https://github.com/Matroska-Org/libebml/issues/74" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-9a0fff8455", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YY7R2JZRO5I6WS62KTJFTZGKYELVFTVB/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-aa78f97893", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JNHQI6MDOECJ2HT5GCLEX2DMJFEOWPW7/" } ] },