From 1b2636d17568f9fb5f89c6adf3cfd1eaf44fb3d5 Mon Sep 17 00:00:00 2001
From: CVE Team <cve-request@mitre.org>
Date: Tue, 20 Oct 2020 21:01:52 +0000
Subject: [PATCH] "-Synchronized-Data."

---
 2016/10xxx/CVE-2016-10228.json | 12 +++++++++++-
 2020/15xxx/CVE-2020-15264.json |  2 +-
 2020/15xxx/CVE-2020-15269.json |  2 +-
 2020/26xxx/CVE-2020-26891.json | 17 +++++++++++------
 2020/27xxx/CVE-2020-27357.json | 18 ++++++++++++++++++
 2020/27xxx/CVE-2020-27358.json | 18 ++++++++++++++++++
 2020/27xxx/CVE-2020-27359.json | 18 ++++++++++++++++++
 7 files changed, 78 insertions(+), 9 deletions(-)
 create mode 100644 2020/27xxx/CVE-2020-27357.json
 create mode 100644 2020/27xxx/CVE-2020-27358.json
 create mode 100644 2020/27xxx/CVE-2020-27359.json

diff --git a/2016/10xxx/CVE-2016-10228.json b/2016/10xxx/CVE-2016-10228.json
index 1bbe92a9530..a63ef56322a 100644
--- a/2016/10xxx/CVE-2016-10228.json
+++ b/2016/10xxx/CVE-2016-10228.json
@@ -34,7 +34,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service."
+                "value": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service."
             }
         ]
     },
@@ -66,6 +66,16 @@
                 "name": "http://openwall.com/lists/oss-security/2017/03/01/10",
                 "refsource": "CONFIRM",
                 "url": "http://openwall.com/lists/oss-security/2017/03/01/10"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21",
+                "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224",
+                "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224"
             }
         ]
     }
diff --git a/2020/15xxx/CVE-2020-15264.json b/2020/15xxx/CVE-2020-15264.json
index 6b7080f76a2..9e757e6f3d8 100644
--- a/2020/15xxx/CVE-2020-15264.json
+++ b/2020/15xxx/CVE-2020-15264.json
@@ -35,7 +35,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "The Boxstarter installer before version 2.13.0 configures C:\\ProgramData\\Boxstarter to be in the system-wide PATH environment variable. However, this directory is writable by normal, unprivileged users. To exploit the vulnerability, place a DLL in this directory that a privileged service is looking for. For example, WptsExtensions.dll When Windows starts, it'll execute the code in DllMain() with SYSTEM privileges.\nAny unprivileged user can execute code with SYSTEM privileges.\nThe issue is fixed in version 3.13.0"
+                "value": "The Boxstarter installer before version 2.13.0 configures C:\\ProgramData\\Boxstarter to be in the system-wide PATH environment variable. However, this directory is writable by normal, unprivileged users. To exploit the vulnerability, place a DLL in this directory that a privileged service is looking for. For example, WptsExtensions.dll When Windows starts, it'll execute the code in DllMain() with SYSTEM privileges. Any unprivileged user can execute code with SYSTEM privileges. The issue is fixed in version 3.13.0"
             }
         ]
     },
diff --git a/2020/15xxx/CVE-2020-15269.json b/2020/15xxx/CVE-2020-15269.json
index f9fd90a96bd..3c810d18eea 100644
--- a/2020/15xxx/CVE-2020-15269.json
+++ b/2020/15xxx/CVE-2020-15269.json
@@ -41,7 +41,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. \n\nThe issue is patched in versions 3.7.11, 4.0.4 and 4.1.11. A workaround without upgrading is described in the linked advisory."
+                "value": "In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. The issue is patched in versions 3.7.11, 4.0.4 and 4.1.11. A workaround without upgrading is described in the linked advisory."
             }
         ]
     },
diff --git a/2020/26xxx/CVE-2020-26891.json b/2020/26xxx/CVE-2020-26891.json
index 49f11daee7f..845a9e233ee 100644
--- a/2020/26xxx/CVE-2020-26891.json
+++ b/2020/26xxx/CVE-2020-26891.json
@@ -34,7 +34,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsafe interpolation of the session GET parameter. This allows a remote attacker to execute an XSS attack on the domain Synapse is hosted on, by supplying the victim user with a malicious URL to the /_matrix/client/r0/auth/m.login.recaptcha or /_matrix/client/r0/auth/m.login.terms Synapse 974923."
+                "value": "AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsafe interpolation of the session GET parameter. This allows a remote attacker to execute an XSS attack on the domain Synapse is hosted on, by supplying the victim user with a malicious URL to the /_matrix/client/r0/auth/*/fallback/web or /_matrix/client/unstable/auth/*/fallback/web Synapse endpoints."
             }
         ]
     },
@@ -52,11 +52,6 @@
     },
     "references": {
         "reference_data": [
-            {
-                "url": "https://github.com/matrix-org/synapse/releases",
-                "refsource": "MISC",
-                "name": "https://github.com/matrix-org/synapse/releases"
-            },
             {
                 "refsource": "MISC",
                 "name": "https://github.com/matrix-org/synapse/pull/8444",
@@ -66,6 +61,16 @@
                 "refsource": "MISC",
                 "name": "https://matrix.org/blog/2020/10/15/synapse-1-21-2-released-and-security-advisory",
                 "url": "https://matrix.org/blog/2020/10/15/synapse-1-21-2-released-and-security-advisory"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://github.com/matrix-org/synapse/releases/tag/v1.21.2",
+                "url": "https://github.com/matrix-org/synapse/releases/tag/v1.21.2"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://github.com/matrix-org/synapse/security/advisories/GHSA-3x8c-fmpc-5rmq",
+                "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-3x8c-fmpc-5rmq"
             }
         ]
     }
diff --git a/2020/27xxx/CVE-2020-27357.json b/2020/27xxx/CVE-2020-27357.json
new file mode 100644
index 00000000000..52f69f7467d
--- /dev/null
+++ b/2020/27xxx/CVE-2020-27357.json
@@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2020-27357",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2020/27xxx/CVE-2020-27358.json b/2020/27xxx/CVE-2020-27358.json
new file mode 100644
index 00000000000..351f0035469
--- /dev/null
+++ b/2020/27xxx/CVE-2020-27358.json
@@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2020-27358",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2020/27xxx/CVE-2020-27359.json b/2020/27xxx/CVE-2020-27359.json
new file mode 100644
index 00000000000..5fabf875785
--- /dev/null
+++ b/2020/27xxx/CVE-2020-27359.json
@@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2020-27359",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
\ No newline at end of file