diff --git a/2020/26xxx/CVE-2020-26877.json b/2020/26xxx/CVE-2020-26877.json index aa04865b684..e90763c24a8 100644 --- a/2020/26xxx/CVE-2020-26877.json +++ b/2020/26xxx/CVE-2020-26877.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-26877", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-26877", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack. Specifically, it directly sends an authorization code to the redirect URI submitted with the authorization request, without checking whether the redirect URI is registered by the client who initiated the request. This allows an attacker to craft a request with a manipulated redirect URI (redirect_uri parameter), which is under the attacker's control, and consequently obtain the leaked authorization code when the server redirects the client to the manipulated redirect URI with an authorization code. NOTE: this is similar to CVE-2019-3778." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://tools.ietf.org/html/rfc6749#section-3.1.2.3", + "refsource": "MISC", + "name": "https://tools.ietf.org/html/rfc6749#section-3.1.2.3" + }, + { + "url": "https://github.com/apifest/apifest-oauth20", + "refsource": "MISC", + "name": "https://github.com/apifest/apifest-oauth20" + }, + { + "url": "http://www.apifest.org/index.html", + "refsource": "MISC", + "name": "http://www.apifest.org/index.html" } ] } diff --git a/2021/46xxx/CVE-2021-46825.json b/2021/46xxx/CVE-2021-46825.json new file mode 100644 index 00000000000..11872ba380b --- /dev/null +++ b/2021/46xxx/CVE-2021-46825.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-46825", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/46xxx/CVE-2021-46826.json b/2021/46xxx/CVE-2021-46826.json new file mode 100644 index 00000000000..d15b703f7a8 --- /dev/null +++ b/2021/46xxx/CVE-2021-46826.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-46826", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/34xxx/CVE-2022-34767.json b/2022/34xxx/CVE-2022-34767.json new file mode 100644 index 00000000000..c87380d149d --- /dev/null +++ b/2022/34xxx/CVE-2022-34767.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-34767", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/34xxx/CVE-2022-34768.json b/2022/34xxx/CVE-2022-34768.json new file mode 100644 index 00000000000..ea5c0a8a283 --- /dev/null +++ b/2022/34xxx/CVE-2022-34768.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-34768", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/34xxx/CVE-2022-34769.json b/2022/34xxx/CVE-2022-34769.json new file mode 100644 index 00000000000..1d43fd139a3 --- /dev/null +++ b/2022/34xxx/CVE-2022-34769.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-34769", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/34xxx/CVE-2022-34770.json b/2022/34xxx/CVE-2022-34770.json new file mode 100644 index 00000000000..f9259c277a6 --- /dev/null +++ b/2022/34xxx/CVE-2022-34770.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-34770", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/34xxx/CVE-2022-34771.json b/2022/34xxx/CVE-2022-34771.json new file mode 100644 index 00000000000..0e2b9075396 --- /dev/null +++ b/2022/34xxx/CVE-2022-34771.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-34771", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/34xxx/CVE-2022-34772.json b/2022/34xxx/CVE-2022-34772.json new file mode 100644 index 00000000000..f62707f116c --- /dev/null +++ b/2022/34xxx/CVE-2022-34772.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-34772", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/34xxx/CVE-2022-34773.json b/2022/34xxx/CVE-2022-34773.json new file mode 100644 index 00000000000..64e7bc86686 --- /dev/null +++ b/2022/34xxx/CVE-2022-34773.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-34773", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/34xxx/CVE-2022-34774.json b/2022/34xxx/CVE-2022-34774.json new file mode 100644 index 00000000000..339c588c889 --- /dev/null +++ b/2022/34xxx/CVE-2022-34774.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-34774", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/34xxx/CVE-2022-34775.json b/2022/34xxx/CVE-2022-34775.json new file mode 100644 index 00000000000..c6e4734be32 --- /dev/null +++ b/2022/34xxx/CVE-2022-34775.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-34775", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/34xxx/CVE-2022-34776.json b/2022/34xxx/CVE-2022-34776.json new file mode 100644 index 00000000000..e2815eb0ff8 --- /dev/null +++ b/2022/34xxx/CVE-2022-34776.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-34776", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file