diff --git a/2019/10xxx/CVE-2019-10393.json b/2019/10xxx/CVE-2019-10393.json index 766144b1ad4..6ec2507db91 100644 --- a/2019/10xxx/CVE-2019-10393.json +++ b/2019/10xxx/CVE-2019-10393.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10393", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Script Security Plugin", - "version": { - "version_data": [ - { - "version_value": "1.62 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,22 +21,46 @@ "description": [ { "lang": "eng", - "value": "CWE-265" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Script Security Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.62 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2" + "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/12/2" }, { "url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538" } ] diff --git a/2019/10xxx/CVE-2019-10394.json b/2019/10xxx/CVE-2019-10394.json index 77019894075..55981081126 100644 --- a/2019/10xxx/CVE-2019-10394.json +++ b/2019/10xxx/CVE-2019-10394.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10394", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Script Security Plugin", - "version": { - "version_data": [ - { - "version_value": "1.62 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,22 +21,46 @@ "description": [ { "lang": "eng", - "value": "CWE-265" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Script Security Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.62 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2" + "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/12/2" }, { "url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538" } ] diff --git a/2019/10xxx/CVE-2019-10395.json b/2019/10xxx/CVE-2019-10395.json index 21c08189ac4..b62536a242b 100644 --- a/2019/10xxx/CVE-2019-10395.json +++ b/2019/10xxx/CVE-2019-10395.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10395", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Build Environment Plugin", - "version": { - "version_data": [ - { - "version_value": "1.6 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,22 +21,46 @@ "description": [ { "lang": "eng", - "value": "CWE-79" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Build Environment Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.6 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2" + "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/12/2" }, { "url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1476", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1476" } ] diff --git a/2019/10xxx/CVE-2019-10396.json b/2019/10xxx/CVE-2019-10396.json index 3742e384560..4e9b58e9f1a 100644 --- a/2019/10xxx/CVE-2019-10396.json +++ b/2019/10xxx/CVE-2019-10396.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10396", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Dashboard View Plugin", - "version": { - "version_data": [ - { - "version_value": "2.11 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,22 +21,46 @@ "description": [ { "lang": "eng", - "value": "CWE-79" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Dashboard View Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.11 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2" + "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/12/2" }, { "url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1489", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1489" } ] diff --git a/2019/10xxx/CVE-2019-10397.json b/2019/10xxx/CVE-2019-10397.json index a1b66d7cbac..12e88884b28 100644 --- a/2019/10xxx/CVE-2019-10397.json +++ b/2019/10xxx/CVE-2019-10397.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10397", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Aqua Security Serverless Scanner Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0.4 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,22 +21,46 @@ "description": [ { "lang": "eng", - "value": "CWE-319" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Aqua Security Serverless Scanner Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0.4 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2" + "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/12/2" }, { "url": "https://jenkins.io/security/advisory/2019-09-12/#SECURTY-1509", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-09-12/#SECURTY-1509" } ] diff --git a/2019/10xxx/CVE-2019-10398.json b/2019/10xxx/CVE-2019-10398.json index ef8ed44a524..a662a24cf89 100644 --- a/2019/10xxx/CVE-2019-10398.json +++ b/2019/10xxx/CVE-2019-10398.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10398", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Beaker Builder Plugin", - "version": { - "version_data": [ - { - "version_value": "1.9 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,22 +21,46 @@ "description": [ { "lang": "eng", - "value": "CWE-256" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Beaker Builder Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.9 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2" + "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/12/2" }, { "url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1545", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1545" } ] diff --git a/2019/10xxx/CVE-2019-10399.json b/2019/10xxx/CVE-2019-10399.json index 07d477b04ca..68780eaf229 100644 --- a/2019/10xxx/CVE-2019-10399.json +++ b/2019/10xxx/CVE-2019-10399.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10399", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Script Security Plugin", - "version": { - "version_data": [ - { - "version_value": "1.62 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,22 +21,46 @@ "description": [ { "lang": "eng", - "value": "CWE-265" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Script Security Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.62 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2" + "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/12/2" }, { "url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538" } ] diff --git a/2019/10xxx/CVE-2019-10400.json b/2019/10xxx/CVE-2019-10400.json index 557c4d1a8c0..79dede51082 100644 --- a/2019/10xxx/CVE-2019-10400.json +++ b/2019/10xxx/CVE-2019-10400.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10400", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Script Security Plugin", - "version": { - "version_data": [ - { - "version_value": "1.62 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,22 +21,46 @@ "description": [ { "lang": "eng", - "value": "CWE-265" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Script Security Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.62 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190912 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2" + "url": "http://www.openwall.com/lists/oss-security/2019/09/12/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/12/2" }, { "url": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1538" } ] diff --git a/2019/10xxx/CVE-2019-10401.json b/2019/10xxx/CVE-2019-10401.json index 36f199fb257..e5f22863bb0 100644 --- a/2019/10xxx/CVE-2019-10401.json +++ b/2019/10xxx/CVE-2019-10401.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10401", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-79" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1498", "url": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1498", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1498" }, { - "refsource": "MLIST", - "name": "[oss-security] 20190925 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3" + "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/25/3" } ] } diff --git a/2019/10xxx/CVE-2019-10402.json b/2019/10xxx/CVE-2019-10402.json index 2c1941c7981..96433182de8 100644 --- a/2019/10xxx/CVE-2019-10402.json +++ b/2019/10xxx/CVE-2019-10402.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10402", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-79" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1525", "url": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1525", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1525" }, { - "refsource": "MLIST", - "name": "[oss-security] 20190925 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3" + "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/25/3" } ] } diff --git a/2019/10xxx/CVE-2019-10403.json b/2019/10xxx/CVE-2019-10403.json index cc5944900bd..700563f0939 100644 --- a/2019/10xxx/CVE-2019-10403.json +++ b/2019/10xxx/CVE-2019-10403.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10403", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-79" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1537%20(1)", - "url": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1537%20(1)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1537%20%281%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1537%20%281%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20190925 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3" + "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/25/3" } ] } diff --git a/2019/10xxx/CVE-2019-10404.json b/2019/10xxx/CVE-2019-10404.json index 28c9446f045..5da212f7c45 100644 --- a/2019/10xxx/CVE-2019-10404.json +++ b/2019/10xxx/CVE-2019-10404.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10404", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-79" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1537%20(2)", - "url": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1537%20(2)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1537%20%282%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1537%20%282%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20190925 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3" + "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/25/3" } ] } diff --git a/2019/10xxx/CVE-2019-10405.json b/2019/10xxx/CVE-2019-10405.json index 3eb333d476e..83fb23ff03e 100644 --- a/2019/10xxx/CVE-2019-10405.json +++ b/2019/10xxx/CVE-2019-10405.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10405", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-79" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1505", "url": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1505", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1505" }, { - "refsource": "MLIST", - "name": "[oss-security] 20190925 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3" + "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/25/3" } ] } diff --git a/2019/10xxx/CVE-2019-10406.json b/2019/10xxx/CVE-2019-10406.json index f64edeb4034..07317386ef5 100644 --- a/2019/10xxx/CVE-2019-10406.json +++ b/2019/10xxx/CVE-2019-10406.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10406", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-79" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.196 and earlier, LTS 2.176.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1471", "url": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1471", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1471" }, { - "refsource": "MLIST", - "name": "[oss-security] 20190925 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3" + "url": "http://www.openwall.com/lists/oss-security/2019/09/25/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/09/25/3" } ] } diff --git a/2020/2xxx/CVE-2020-2090.json b/2020/2xxx/CVE-2020-2090.json index f69591213ff..d2dd173afd3 100644 --- a/2020/2xxx/CVE-2020-2090.json +++ b/2020/2xxx/CVE-2020-2090.json @@ -1,44 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2090", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Amazon EC2 Plugin", - "version": { - "version_data": [ - { - "version_value": "1.47", - "version_affected": "<=" - }, - { - "version_value": "1.46.2", - "version_affected": "!>=" - }, - { - "version_value": "1.42.2", - "version_affected": "!>=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -53,18 +21,63 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Amazon EC2 Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.47", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unaffected", + "version": "1.46.2", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unaffected", + "version": "1.42.2", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1004", "url": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1004", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1004" } ] } diff --git a/2020/2xxx/CVE-2020-2091.json b/2020/2xxx/CVE-2020-2091.json index 002d29e3572..fceb0f9e728 100644 --- a/2020/2xxx/CVE-2020-2091.json +++ b/2020/2xxx/CVE-2020-2091.json @@ -1,44 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2091", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Amazon EC2 Plugin", - "version": { - "version_data": [ - { - "version_value": "1.47", - "version_affected": "<=" - }, - { - "version_value": "1.46.2", - "version_affected": "!>=" - }, - { - "version_value": "1.42.2", - "version_affected": "!>=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -53,18 +21,63 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Amazon EC2 Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.47", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unaffected", + "version": "1.46.2", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unaffected", + "version": "1.42.2", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1004", "url": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1004", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1004" } ] } diff --git a/2020/2xxx/CVE-2020-2092.json b/2020/2xxx/CVE-2020-2092.json index 51d1ad2dd03..1f8d3f4c245 100644 --- a/2020/2xxx/CVE-2020-2092.json +++ b/2020/2xxx/CVE-2020-2092.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2092", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Robot Framework Plugin", - "version": { - "version_data": [ - { - "version_value": "2.0.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-611: Improper Restriction of XML External Entity Reference" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Robot Framework Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.0.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1698", "url": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1698", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1698" } ] } diff --git a/2020/2xxx/CVE-2020-2093.json b/2020/2xxx/CVE-2020-2093.json index efc53a1dc65..d43f4a8514a 100644 --- a/2020/2xxx/CVE-2020-2093.json +++ b/2020/2xxx/CVE-2020-2093.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2093", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Health Advisor by CloudBees Plugin", - "version": { - "version_data": [ - { - "version_value": "3.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Health Advisor by CloudBees Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "3.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1708", "url": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1708", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1708" } ] } diff --git a/2020/2xxx/CVE-2020-2094.json b/2020/2xxx/CVE-2020-2094.json index 0ca318a6c37..d861f3b742b 100644 --- a/2020/2xxx/CVE-2020-2094.json +++ b/2020/2xxx/CVE-2020-2094.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2094", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Health Advisor by CloudBees Plugin", - "version": { - "version_data": [ - { - "version_value": "3.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-285: Improper Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Health Advisor by CloudBees Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "3.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1708", "url": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1708", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1708" } ] } diff --git a/2020/2xxx/CVE-2020-2095.json b/2020/2xxx/CVE-2020-2095.json index 81e975b2593..72436d30df8 100644 --- a/2020/2xxx/CVE-2020-2095.json +++ b/2020/2xxx/CVE-2020-2095.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2095", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Redgate SQL Change Automation Plugin", - "version": { - "version_data": [ - { - "version_value": "2.0.4", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-256: Unprotected Storage of Credentials" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Redgate SQL Change Automation Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.0.4" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1696", "url": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1696", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1696" } ] } diff --git a/2020/2xxx/CVE-2020-2096.json b/2020/2xxx/CVE-2020-2096.json index c31ee490eee..c24cb017019 100644 --- a/2020/2xxx/CVE-2020-2096.json +++ b/2020/2xxx/CVE-2020-2096.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2096", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Gitlab Hook Plugin", - "version": { - "version_data": [ - { - "version_value": "1.4.2", - "version_affected": "<=" - }, - { - "version_value": "1.4.2", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,28 +21,67 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Gitlab Hook Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.4.2", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.4.2", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1683", "url": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1683", - "refsource": "CONFIRM" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20200115 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/01/15/1" - }, - { "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/155967/Jenkins-Gitlab-Hook-1.4.2-Cross-Site-Scripting.html", - "url": "http://packetstormsecurity.com/files/155967/Jenkins-Gitlab-Hook-1.4.2-Cross-Site-Scripting.html" + "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1683" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2020/01/15/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/01/15/1" + }, + { + "url": "http://packetstormsecurity.com/files/155967/Jenkins-Gitlab-Hook-1.4.2-Cross-Site-Scripting.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155967/Jenkins-Gitlab-Hook-1.4.2-Cross-Site-Scripting.html" } ] } diff --git a/2020/2xxx/CVE-2020-2097.json b/2020/2xxx/CVE-2020-2097.json index ee1922071a6..c2d5be02713 100644 --- a/2020/2xxx/CVE-2020-2097.json +++ b/2020/2xxx/CVE-2020-2097.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2097", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Sounds Plugin", - "version": { - "version_data": [ - { - "version_value": "0.5", - "version_affected": "<=" - }, - { - "version_value": "0.5", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-285: Improper Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Sounds Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "0.5", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 0.5", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-814", "url": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-814", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-01-15/#SECURITY-814" } ] } diff --git a/2022/25xxx/CVE-2022-25183.json b/2022/25xxx/CVE-2022-25183.json index f4c28c23f46..c285e4c1304 100644 --- a/2022/25xxx/CVE-2022-25183.json +++ b/2022/25xxx/CVE-2022-25183.json @@ -1,44 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25183", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Pipeline: Shared Groovy Libraries Plugin", - "version": { - "version_data": [ - { - "version_value": "552.vd9cc05b8a2e1", - "version_affected": "<=" - }, - { - "version_value": "2.21", - "version_affected": ">=" - }, - { - "version_value": "2.21.1", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -53,18 +21,61 @@ "description": [ { "lang": "eng", - "value": "CWE-693: Protection Mechanism Failure" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Pipeline: Shared Groovy Libraries Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "552.vd9cc05b8a2e1", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "affected", + "version": "2.21", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "2.21.1" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2586", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2586", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2586" } ] } diff --git a/2022/25xxx/CVE-2022-25184.json b/2022/25xxx/CVE-2022-25184.json index 03914073c59..07fee5d1c8e 100644 --- a/2022/25xxx/CVE-2022-25184.json +++ b/2022/25xxx/CVE-2022-25184.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25184", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Pipeline: Build Step Plugin", - "version": { - "version_data": [ - { - "version_value": "2.15", - "version_affected": "<=" - }, - { - "version_value": "2.13.1", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,55 @@ "description": [ { "lang": "eng", - "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Pipeline: Build Step Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "2.15", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "2.13.1" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2519", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2519", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2519" } ] } diff --git a/2022/25xxx/CVE-2022-25185.json b/2022/25xxx/CVE-2022-25185.json index 478ef4240e5..5bd0e0ca821 100644 --- a/2022/25xxx/CVE-2022-25185.json +++ b/2022/25xxx/CVE-2022-25185.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25185", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Generic Webhook Trigger Plugin", - "version": { - "version_data": [ - { - "version_value": "1.81", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Generic Webhook Trigger Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.81" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2592", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2592", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2592" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220215 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/02/15/2" + "url": "http://www.openwall.com/lists/oss-security/2022/02/15/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/02/15/2" } ] } diff --git a/2022/25xxx/CVE-2022-25186.json b/2022/25xxx/CVE-2022-25186.json index 7188bbcc619..3aeba1b853a 100644 --- a/2022/25xxx/CVE-2022-25186.json +++ b/2022/25xxx/CVE-2022-25186.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25186", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins HashiCorp Vault Plugin", - "version": { - "version_data": [ - { - "version_value": "3.8.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-693: Protection Mechanism Failure" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins HashiCorp Vault Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "3.8.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2429", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2429", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2429" } ] } diff --git a/2022/25xxx/CVE-2022-25187.json b/2022/25xxx/CVE-2022-25187.json index 624f55a86c2..0da46af3064 100644 --- a/2022/25xxx/CVE-2022-25187.json +++ b/2022/25xxx/CVE-2022-25187.json @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer", - "cweId": "CWE-212" + "value": "n/a" } ] } diff --git a/2022/25xxx/CVE-2022-25188.json b/2022/25xxx/CVE-2022-25188.json index 0028fafa11a..984b38e7a9c 100644 --- a/2022/25xxx/CVE-2022-25188.json +++ b/2022/25xxx/CVE-2022-25188.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25188", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Fortify Plugin", - "version": { - "version_data": [ - { - "version_value": "20.2.34", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Fortify Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "20.2.34" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2214", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2214", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2214" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220215 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/02/15/2" + "url": "http://www.openwall.com/lists/oss-security/2022/02/15/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/02/15/2" } ] } diff --git a/2022/25xxx/CVE-2022-25189.json b/2022/25xxx/CVE-2022-25189.json index c118f38e44c..420356d7b97 100644 --- a/2022/25xxx/CVE-2022-25189.json +++ b/2022/25xxx/CVE-2022-25189.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25189", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Custom Checkbox Parameter Plugin", - "version": { - "version_data": [ - { - "version_value": "1.1", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Custom Checkbox Parameter Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.1" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2266", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2266", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2266" } ] } diff --git a/2022/25xxx/CVE-2022-25190.json b/2022/25xxx/CVE-2022-25190.json index 3963d3da703..227ad636a54 100644 --- a/2022/25xxx/CVE-2022-25190.json +++ b/2022/25xxx/CVE-2022-25190.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25190", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Conjur Secrets Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0.11", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Conjur Secrets Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.0.11" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2350", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2350", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2350" } ] } diff --git a/2022/25xxx/CVE-2022-25191.json b/2022/25xxx/CVE-2022-25191.json index d6cef57b62f..1889fc914c6 100644 --- a/2022/25xxx/CVE-2022-25191.json +++ b/2022/25xxx/CVE-2022-25191.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25191", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Agent Server Parameter Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Agent Server Parameter Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2268", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2268", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2268" } ] } diff --git a/2022/25xxx/CVE-2022-25192.json b/2022/25xxx/CVE-2022-25192.json index 17cfbebc300..8558ed8aea0 100644 --- a/2022/25xxx/CVE-2022-25192.json +++ b/2022/25xxx/CVE-2022-25192.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25192", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Snow Commander Plugin", - "version": { - "version_data": [ - { - "version_value": "1.10", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,19 +21,44 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Snow Commander Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.10" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2536", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2536", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2536" } ] } -} +} \ No newline at end of file diff --git a/2022/25xxx/CVE-2022-25193.json b/2022/25xxx/CVE-2022-25193.json index 608a52db0fc..249e52979db 100644 --- a/2022/25xxx/CVE-2022-25193.json +++ b/2022/25xxx/CVE-2022-25193.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25193", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Snow Commander Plugin", - "version": { - "version_data": [ - { - "version_value": "1.10", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,19 +21,44 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Snow Commander Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.10" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2536", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2536", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2536" } ] } -} +} \ No newline at end of file diff --git a/2022/25xxx/CVE-2022-25194.json b/2022/25xxx/CVE-2022-25194.json index 82251e0026e..b7714be47ab 100644 --- a/2022/25xxx/CVE-2022-25194.json +++ b/2022/25xxx/CVE-2022-25194.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25194", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins autonomiq Plugin", - "version": { - "version_data": [ - { - "version_value": "1.15", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins autonomiq Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.15" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2545", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2545", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2545" } ] } diff --git a/2022/25xxx/CVE-2022-25195.json b/2022/25xxx/CVE-2022-25195.json index 6da48c17f6c..eeef922c366 100644 --- a/2022/25xxx/CVE-2022-25195.json +++ b/2022/25xxx/CVE-2022-25195.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25195", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins autonomiq Plugin", - "version": { - "version_data": [ - { - "version_value": "1.15", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins autonomiq Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.15" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2545", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2545", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2545" } ] } diff --git a/2022/25xxx/CVE-2022-25196.json b/2022/25xxx/CVE-2022-25196.json index 875ca2d46ce..637f9aa7ee9 100644 --- a/2022/25xxx/CVE-2022-25196.json +++ b/2022/25xxx/CVE-2022-25196.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25196", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins GitLab Authentication Plugin", - "version": { - "version_data": [ - { - "version_value": "1.13", - "version_affected": "<=" - }, - { - "version_value": "1.13", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins GitLab Authentication Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.13", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.13", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-1833", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-1833", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-1833" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220215 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/02/15/2" + "url": "http://www.openwall.com/lists/oss-security/2022/02/15/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/02/15/2" } ] } diff --git a/2022/25xxx/CVE-2022-25197.json b/2022/25xxx/CVE-2022-25197.json index ce606e7675e..f4ea0dde256 100644 --- a/2022/25xxx/CVE-2022-25197.json +++ b/2022/25xxx/CVE-2022-25197.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-25197", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins HashiCorp Vault Plugin", - "version": { - "version_data": [ - { - "version_value": "336.v182c0fbaaeb7", - "version_affected": "<=" - }, - { - "version_value": "336.v182c0fbaaeb7", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-693: Protection Mechanism Failure" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins HashiCorp Vault Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "336.v182c0fbaaeb7", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 336.v182c0fbaaeb7", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2521", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2521", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2521" } ] } diff --git a/2022/36xxx/CVE-2022-36922.json b/2022/36xxx/CVE-2022-36922.json index 754013aa0a1..fcbaab5c79b 100644 --- a/2022/36xxx/CVE-2022-36922.json +++ b/2022/36xxx/CVE-2022-36922.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-36922", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Lucene-Search Plugin", - "version": { - "version_data": [ - { - "version_value": "370.v62a5f618cd3a", - "version_affected": "<=" - }, - { - "version_value": "370.v62a5f618cd3a", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Lucene-Search Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "370.v62a5f618cd3a", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 370.v62a5f618cd3a", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2812", "url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2812", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2812" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/07/27/1" + "url": "http://www.openwall.com/lists/oss-security/2022/07/27/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/07/27/1" } ] } diff --git a/2022/38xxx/CVE-2022-38663.json b/2022/38xxx/CVE-2022-38663.json index f26b0d479e0..b5f660ea6dc 100644 --- a/2022/38xxx/CVE-2022-38663.json +++ b/2022/38xxx/CVE-2022-38663.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-38663", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Git Plugin", - "version": { - "version_data": [ - { - "version_value": "4.11.4", - "version_affected": "<=" - }, - { - "version_value": "4.9.4", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,60 @@ "description": [ { "lang": "eng", - "value": "CWE-522: Insufficiently Protected Credentials" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Git Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "4.11.4", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "4.9.4" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2796", "url": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2796", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2796" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220823 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/08/23/2" + "url": "http://www.openwall.com/lists/oss-security/2022/08/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/08/23/2" } ] } diff --git a/2022/38xxx/CVE-2022-38664.json b/2022/38xxx/CVE-2022-38664.json index 6a34c43f49c..2c7956592b3 100644 --- a/2022/38xxx/CVE-2022-38664.json +++ b/2022/38xxx/CVE-2022-38664.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-38664", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Job Configuration History Plugin", - "version": { - "version_data": [ - { - "version_value": "1165.v8cc9fd1f4597", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Job Configuration History Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1165.v8cc9fd1f4597" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2765", "url": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2765", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2765" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220823 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/08/23/2" + "url": "http://www.openwall.com/lists/oss-security/2022/08/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/08/23/2" } ] } diff --git a/2022/38xxx/CVE-2022-38665.json b/2022/38xxx/CVE-2022-38665.json index 0252309a281..d19bed7d658 100644 --- a/2022/38xxx/CVE-2022-38665.json +++ b/2022/38xxx/CVE-2022-38665.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-38665", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins CollabNet Plugins Plugin", - "version": { - "version_data": [ - { - "version_value": "2.0.8", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-256: Plaintext Storage of a Password" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins CollabNet Plugins Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.0.8" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2157", "url": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2157", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-08-23/#SECURITY-2157" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220823 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/08/23/2" + "url": "http://www.openwall.com/lists/oss-security/2022/08/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/08/23/2" } ] } diff --git a/2022/38xxx/CVE-2022-38666.json b/2022/38xxx/CVE-2022-38666.json index fee2a23a0ec..0a5f84afe20 100644 --- a/2022/38xxx/CVE-2022-38666.json +++ b/2022/38xxx/CVE-2022-38666.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-38666", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins NS-ND Integration Performance Publisher Plugin", - "version": { - "version_data": [ - { - "version_value": "4.8.0.146", - "version_affected": "<=" - }, - { - "version_value": "4.8.0.146", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-295: Improper Certificate Validation" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins NS-ND Integration Performance Publisher Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "4.8.0.146", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 4.8.0.146", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2910%20(2)", - "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2910%20(2)", - "refsource": "CONFIRM" + "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2910%20%282%29", + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2910%20%282%29" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/41xxx/CVE-2022-41224.json b/2022/41xxx/CVE-2022-41224.json index 081e3c221de..a1ca496641b 100644 --- a/2022/41xxx/CVE-2022-41224.json +++ b/2022/41xxx/CVE-2022-41224.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-41224", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.367", - "version_affected": ">=" - }, - { - "version_value": "2.369", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2.367", + "version_value": "unspecified" + }, + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.369" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2886", "url": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2886", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2886" } ] } diff --git a/2022/41xxx/CVE-2022-41225.json b/2022/41xxx/CVE-2022-41225.json index 9ea1df5778c..853c4dd6321 100644 --- a/2022/41xxx/CVE-2022-41225.json +++ b/2022/41xxx/CVE-2022-41225.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-41225", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Anchore Container Image Scanner Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0.24", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Anchore Container Image Scanner Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.0.24" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2821", "url": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2821", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2821" } ] } diff --git a/2022/41xxx/CVE-2022-41226.json b/2022/41xxx/CVE-2022-41226.json index f6b06269b6e..198e6b6e760 100644 --- a/2022/41xxx/CVE-2022-41226.json +++ b/2022/41xxx/CVE-2022-41226.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-41226", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Compuware Common Configuration Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0.14", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-611: Improper Restriction of XML External Entity Reference" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Compuware Common Configuration Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.0.14" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2832", "url": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2832", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2832" } ] } diff --git a/2022/41xxx/CVE-2022-41227.json b/2022/41xxx/CVE-2022-41227.json index 4c71652cf66..e8fc9c6abf8 100644 --- a/2022/41xxx/CVE-2022-41227.json +++ b/2022/41xxx/CVE-2022-41227.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-41227", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins NS-ND Integration Performance Publisher Plugin", - "version": { - "version_data": [ - { - "version_value": "4.8.0.129", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins NS-ND Integration Performance Publisher Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "4.8.0.129" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2737", "url": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2737", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2737" } ] } diff --git a/2022/41xxx/CVE-2022-41228.json b/2022/41xxx/CVE-2022-41228.json index 2f82bc03b0a..ff20f771ef5 100644 --- a/2022/41xxx/CVE-2022-41228.json +++ b/2022/41xxx/CVE-2022-41228.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-41228", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins NS-ND Integration Performance Publisher Plugin", - "version": { - "version_data": [ - { - "version_value": "4.8.0.129", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins NS-ND Integration Performance Publisher Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "4.8.0.129" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2737", "url": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2737", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2737" } ] } diff --git a/2022/41xxx/CVE-2022-41229.json b/2022/41xxx/CVE-2022-41229.json index 22667e9cfe2..7bcf2a28115 100644 --- a/2022/41xxx/CVE-2022-41229.json +++ b/2022/41xxx/CVE-2022-41229.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-41229", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins NS-ND Integration Performance Publisher Plugin", - "version": { - "version_data": [ - { - "version_value": "4.8.0.134", - "version_affected": "<=" - }, - { - "version_value": "4.8.0.134", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins NS-ND Integration Performance Publisher Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "4.8.0.134", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 4.8.0.134", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2858", "url": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2858", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2858" } ] } diff --git a/2022/41xxx/CVE-2022-41230.json b/2022/41xxx/CVE-2022-41230.json index e8f59d79bc6..d2869027ded 100644 --- a/2022/41xxx/CVE-2022-41230.json +++ b/2022/41xxx/CVE-2022-41230.json @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization", - "cweId": "CWE-862" + "value": "n/a" } ] } diff --git a/2022/41xxx/CVE-2022-41231.json b/2022/41xxx/CVE-2022-41231.json index f068f5e4ffc..1c6c7816f4d 100644 --- a/2022/41xxx/CVE-2022-41231.json +++ b/2022/41xxx/CVE-2022-41231.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-41231", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Build-Publisher Plugin", - "version": { - "version_data": [ - { - "version_value": "1.22", - "version_affected": "<=" - }, - { - "version_value": "1.22", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Build-Publisher Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.22", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.22", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2139", "url": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2139", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2139" } ] } diff --git a/2022/41xxx/CVE-2022-41232.json b/2022/41xxx/CVE-2022-41232.json index 2c4b74ba56c..80a2cfaf0d1 100644 --- a/2022/41xxx/CVE-2022-41232.json +++ b/2022/41xxx/CVE-2022-41232.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-41232", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Build-Publisher Plugin", - "version": { - "version_data": [ - { - "version_value": "1.22", - "version_affected": "<=" - }, - { - "version_value": "1.22", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Build-Publisher Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.22", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.22", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2139", "url": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2139", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2139" } ] } diff --git a/2022/41xxx/CVE-2022-41233.json b/2022/41xxx/CVE-2022-41233.json index 833ce873887..4dc696623f8 100644 --- a/2022/41xxx/CVE-2022-41233.json +++ b/2022/41xxx/CVE-2022-41233.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-41233", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Rundeck Plugin", - "version": { - "version_data": [ - { - "version_value": "3.6.11", - "version_affected": "<=" - }, - { - "version_value": "3.6.11", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Rundeck Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "3.6.11", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 3.6.11", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2170", "url": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2170", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2170" } ] } diff --git a/2023/39xxx/CVE-2023-39736.json b/2023/39xxx/CVE-2023-39736.json index 5e86493379b..0d8a03d7d6a 100644 --- a/2023/39xxx/CVE-2023-39736.json +++ b/2023/39xxx/CVE-2023-39736.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-39736", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-39736", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The leakage of the client secret in Fukunaga_memberscard Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39736.md", + "url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39736.md" + }, + { + "refsource": "MISC", + "name": "https://liff.line.me/1657606123-4Kp0xVrP", + "url": "https://liff.line.me/1657606123-4Kp0xVrP" } ] } diff --git a/2023/46xxx/CVE-2023-46655.json b/2023/46xxx/CVE-2023-46655.json new file mode 100644 index 00000000000..f5d25305827 --- /dev/null +++ b/2023/46xxx/CVE-2023-46655.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46655", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46656.json b/2023/46xxx/CVE-2023-46656.json new file mode 100644 index 00000000000..a19a3d174eb --- /dev/null +++ b/2023/46xxx/CVE-2023-46656.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46656", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46657.json b/2023/46xxx/CVE-2023-46657.json new file mode 100644 index 00000000000..2b6bdc28de4 --- /dev/null +++ b/2023/46xxx/CVE-2023-46657.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46657", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46658.json b/2023/46xxx/CVE-2023-46658.json new file mode 100644 index 00000000000..572c98dfd7b --- /dev/null +++ b/2023/46xxx/CVE-2023-46658.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46658", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46659.json b/2023/46xxx/CVE-2023-46659.json new file mode 100644 index 00000000000..6371d781091 --- /dev/null +++ b/2023/46xxx/CVE-2023-46659.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46659", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46660.json b/2023/46xxx/CVE-2023-46660.json new file mode 100644 index 00000000000..994312926d0 --- /dev/null +++ b/2023/46xxx/CVE-2023-46660.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46660", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46661.json b/2023/46xxx/CVE-2023-46661.json new file mode 100644 index 00000000000..62055114828 --- /dev/null +++ b/2023/46xxx/CVE-2023-46661.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46661", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46662.json b/2023/46xxx/CVE-2023-46662.json new file mode 100644 index 00000000000..d35e2916550 --- /dev/null +++ b/2023/46xxx/CVE-2023-46662.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46662", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46663.json b/2023/46xxx/CVE-2023-46663.json new file mode 100644 index 00000000000..4ec88b7de12 --- /dev/null +++ b/2023/46xxx/CVE-2023-46663.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46663", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46664.json b/2023/46xxx/CVE-2023-46664.json new file mode 100644 index 00000000000..45eb2bfd2a5 --- /dev/null +++ b/2023/46xxx/CVE-2023-46664.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46664", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46665.json b/2023/46xxx/CVE-2023-46665.json new file mode 100644 index 00000000000..d19d78d6208 --- /dev/null +++ b/2023/46xxx/CVE-2023-46665.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46665", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/4xxx/CVE-2023-4407.json b/2023/4xxx/CVE-2023-4407.json index 865cdf101ab..9f55f90329e 100644 --- a/2023/4xxx/CVE-2023-4407.json +++ b/2023/4xxx/CVE-2023-4407.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4409.json b/2023/4xxx/CVE-2023-4409.json index 4eb13867839..c4a7a2541b5 100644 --- a/2023/4xxx/CVE-2023-4409.json +++ b/2023/4xxx/CVE-2023-4409.json @@ -102,8 +102,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4410.json b/2023/4xxx/CVE-2023-4410.json index 4d19377671a..56991347dff 100644 --- a/2023/4xxx/CVE-2023-4410.json +++ b/2023/4xxx/CVE-2023-4410.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4411.json b/2023/4xxx/CVE-2023-4411.json index 451ee8b5e26..a2cb7819e95 100644 --- a/2023/4xxx/CVE-2023-4411.json +++ b/2023/4xxx/CVE-2023-4411.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4412.json b/2023/4xxx/CVE-2023-4412.json index 587241cdbd7..14c15fe2d60 100644 --- a/2023/4xxx/CVE-2023-4412.json +++ b/2023/4xxx/CVE-2023-4412.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4414.json b/2023/4xxx/CVE-2023-4414.json index ffd87226ecf..0030e04eace 100644 --- a/2023/4xxx/CVE-2023-4414.json +++ b/2023/4xxx/CVE-2023-4414.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4415.json b/2023/4xxx/CVE-2023-4415.json index 18c72a231b4..bbcd4ea6d00 100644 --- a/2023/4xxx/CVE-2023-4415.json +++ b/2023/4xxx/CVE-2023-4415.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 7.5, - "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", - "baseSeverity": "HIGH" + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4436.json b/2023/4xxx/CVE-2023-4436.json index c642211cc69..83e1bb64b49 100644 --- a/2023/4xxx/CVE-2023-4436.json +++ b/2023/4xxx/CVE-2023-4436.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4437.json b/2023/4xxx/CVE-2023-4437.json index 4e72ef6d8d1..f35c18b3cfb 100644 --- a/2023/4xxx/CVE-2023-4437.json +++ b/2023/4xxx/CVE-2023-4437.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4438.json b/2023/4xxx/CVE-2023-4438.json index 6e1237ed3ad..2f79a3b58e3 100644 --- a/2023/4xxx/CVE-2023-4438.json +++ b/2023/4xxx/CVE-2023-4438.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4439.json b/2023/4xxx/CVE-2023-4439.json index e279bb5a2ff..c22935a652e 100644 --- a/2023/4xxx/CVE-2023-4439.json +++ b/2023/4xxx/CVE-2023-4439.json @@ -97,8 +97,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2023/4xxx/CVE-2023-4440.json b/2023/4xxx/CVE-2023-4440.json index 4e39e8fe1ad..4a7394c06e6 100644 --- a/2023/4xxx/CVE-2023-4440.json +++ b/2023/4xxx/CVE-2023-4440.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4441.json b/2023/4xxx/CVE-2023-4441.json index 0e919289e42..a099e8a420a 100644 --- a/2023/4xxx/CVE-2023-4441.json +++ b/2023/4xxx/CVE-2023-4441.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4442.json b/2023/4xxx/CVE-2023-4442.json index c5ecba49d99..36364e7691a 100644 --- a/2023/4xxx/CVE-2023-4442.json +++ b/2023/4xxx/CVE-2023-4442.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4973.json b/2023/4xxx/CVE-2023-4973.json index 5b8d8c0c456..8c7b75ec149 100644 --- a/2023/4xxx/CVE-2023-4973.json +++ b/2023/4xxx/CVE-2023-4973.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2023/4xxx/CVE-2023-4974.json b/2023/4xxx/CVE-2023-4974.json index 57b5e5fe64b..94fb28c3095 100644 --- a/2023/4xxx/CVE-2023-4974.json +++ b/2023/4xxx/CVE-2023-4974.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4983.json b/2023/4xxx/CVE-2023-4983.json index f148730c5c9..1995a6e5ca8 100644 --- a/2023/4xxx/CVE-2023-4983.json +++ b/2023/4xxx/CVE-2023-4983.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 5, - "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ] } diff --git a/2023/4xxx/CVE-2023-4984.json b/2023/4xxx/CVE-2023-4984.json index 6223ae0aba0..784b318105a 100644 --- a/2023/4xxx/CVE-2023-4984.json +++ b/2023/4xxx/CVE-2023-4984.json @@ -107,8 +107,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N" } ] } diff --git a/2023/4xxx/CVE-2023-4985.json b/2023/4xxx/CVE-2023-4985.json index 5189099ccc0..ef61475a1c7 100644 --- a/2023/4xxx/CVE-2023-4985.json +++ b/2023/4xxx/CVE-2023-4985.json @@ -92,8 +92,7 @@ { "version": "2.0", "baseScore": 4.6, - "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/4xxx/CVE-2023-4986.json b/2023/4xxx/CVE-2023-4986.json index 1357ca6ec7c..abcce3f029b 100644 --- a/2023/4xxx/CVE-2023-4986.json +++ b/2023/4xxx/CVE-2023-4986.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 1, - "vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N", - "baseSeverity": "LOW" + "vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N" } ] } diff --git a/2023/4xxx/CVE-2023-4987.json b/2023/4xxx/CVE-2023-4987.json index f81e9e03fcc..3e85c932f0d 100644 --- a/2023/4xxx/CVE-2023-4987.json +++ b/2023/4xxx/CVE-2023-4987.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 5.2, - "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5276.json b/2023/5xxx/CVE-2023-5276.json index 63a8e944a48..9003e8ae4f1 100644 --- a/2023/5xxx/CVE-2023-5276.json +++ b/2023/5xxx/CVE-2023-5276.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5277.json b/2023/5xxx/CVE-2023-5277.json index b5e9adc691c..92679fe61a9 100644 --- a/2023/5xxx/CVE-2023-5277.json +++ b/2023/5xxx/CVE-2023-5277.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5753.json b/2023/5xxx/CVE-2023-5753.json index 5947e2bdcde..842cce4c774 100644 --- a/2023/5xxx/CVE-2023-5753.json +++ b/2023/5xxx/CVE-2023-5753.json @@ -51,7 +51,7 @@ { "version_affected": "<", "version_name": "*", - "version_value": "3.4" + "version_value": "3.5" } ] } diff --git a/2023/5xxx/CVE-2023-5754.json b/2023/5xxx/CVE-2023-5754.json new file mode 100644 index 00000000000..eabca8ebd81 --- /dev/null +++ b/2023/5xxx/CVE-2023-5754.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-5754", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file