"-Synchronized-Data."

2015/5xxx/CVE-2015-5237.json

@@ -171,6 +171,21 @@
                 "refsource": "MLIST",
                 "name": "[spark-issues] 20210720 [jira] [Resolved] (SPARK-35877) Spark Protobuf jar has CVE issue CVE-2015-5237",
                 "url": "https://lists.apache.org/thread.html/r14fa8d38d5757254f1a2e112270c996711d514de2e3b01c93d397ab4@%3Cissues.spark.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[hadoop-common-dev] 20210823 [jira] [Created] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities CVEs #CVE-2015-5237",
+                "url": "https://lists.apache.org/thread.html/r00d9ab1fc0f1daf14cd4386564dd84f7889404438d81462c86dfa836@%3Ccommon-dev.hadoop.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[hadoop-common-issues] 20210823 [jira] [Updated] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities #CVE-2015-5237",
+                "url": "https://lists.apache.org/thread.html/r764fc66435ee4d185d359c28c0887d3e5866d7292a8d5598d9e7cbc4@%3Ccommon-issues.hadoop.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[hadoop-common-issues] 20210823 [jira] [Created] (HADOOP-17860) Upgrade third party protobuf-java-2.5.0.jar to address vulnerabilities CVEs #CVE-2015-5237",
+                "url": "https://lists.apache.org/thread.html/r2ea33ce5591a9cb9ed52750b6ab42ab658f529a7028c3166ba93c7d5@%3Ccommon-issues.hadoop.apache.org%3E"
             }
         ]
     }

2021/35xxx/CVE-2021-35465.json

@@ -1,17 +1,66 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2021-35465",
         "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2021-35465",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Certain Arm products before 2021-08-23 do not properly consider the effect of exceptions on a VLLDM instruction. A Non-secure handler may have read or write access to part of a Secure context. This affects Arm Cortex-M33 r0p0 through r1p0, Arm Cortex-M35P r0, Arm Cortex-M55 r0p0 through r1p0, and Arm China STAR-MC1 (in the STAR SE configuration)."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://developer.arm.com/support/arm-security-updates",
+                "refsource": "MISC",
+                "name": "https://developer.arm.com/support/arm-security-updates"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://developer.arm.com/support/arm-security-updates/vlldm-instruction-security-vulnerability",
+                "url": "https://developer.arm.com/support/arm-security-updates/vlldm-instruction-security-vulnerability"
             }
         ]
     }

2021/3xxx/CVE-2021-3693.json

@@ -40,7 +40,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM.  By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure."
+                "value": "LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure."
             }
         ]
     },
@@ -90,4 +90,4 @@
         "advisory": "daf1384d-648a-43fd-9b35-5c37d8ead667",
         "discovery": "EXTERNAL"
     }
-}
+}

2021/3xxx/CVE-2021-3694.json

@@ -40,7 +40,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "LedgerSMB does not sufficiently HTML-encode error messages sent to the browser.  By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure."
+                "value": "LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure."
             }
         ]
     },
@@ -98,4 +98,4 @@
         "advisory": "ef7f4cf7-3a81-4516-b261-f5b6ac21430c",
         "discovery": "EXTERNAL"
     }
-}
+}