From 1ece5fc11314812cad973635457d8ef92fe2025b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 14 Apr 2021 07:00:44 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/20xxx/CVE-2017-20004.json | 67 ++++++++++++++++++++++++++++++++++ 2018/25xxx/CVE-2018-25008.json | 67 ++++++++++++++++++++++++++++++++++ 2020/15xxx/CVE-2020-15250.json | 5 +++ 2020/36xxx/CVE-2020-36323.json | 67 ++++++++++++++++++++++++++++++++++ 2021/31xxx/CVE-2021-31162.json | 67 ++++++++++++++++++++++++++++++++++ 5 files changed, 273 insertions(+) create mode 100644 2017/20xxx/CVE-2017-20004.json create mode 100644 2018/25xxx/CVE-2018-25008.json create mode 100644 2020/36xxx/CVE-2020-36323.json create mode 100644 2021/31xxx/CVE-2021-31162.json diff --git a/2017/20xxx/CVE-2017-20004.json b/2017/20xxx/CVE-2017-20004.json new file mode 100644 index 00000000000..28897707293 --- /dev/null +++ b/2017/20xxx/CVE-2017-20004.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-20004", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/rust-lang/rust/issues/41622", + "refsource": "MISC", + "name": "https://github.com/rust-lang/rust/issues/41622" + }, + { + "url": "https://github.com/rust-lang/rust/pull/41624", + "refsource": "MISC", + "name": "https://github.com/rust-lang/rust/pull/41624" + } + ] + } +} \ No newline at end of file diff --git a/2018/25xxx/CVE-2018-25008.json b/2018/25xxx/CVE-2018-25008.json new file mode 100644 index 00000000000..c4bdf21fd42 --- /dev/null +++ b/2018/25xxx/CVE-2018-25008.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-25008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/rust-lang/rust/issues/51780", + "refsource": "MISC", + "name": "https://github.com/rust-lang/rust/issues/51780" + }, + { + "url": "https://github.com/rust-lang/rust/pull/52031", + "refsource": "MISC", + "name": "https://github.com/rust-lang/rust/pull/52031" + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15250.json b/2020/15xxx/CVE-2020-15250.json index 20e9b908277..8c50df50497 100644 --- a/2020/15xxx/CVE-2020-15250.json +++ b/2020/15xxx/CVE-2020-15250.json @@ -163,6 +163,11 @@ "refsource": "MLIST", "name": "[pulsar-commits] 20210413 [GitHub] [pulsar] lhotari commented on pull request #10147: [Security] Upgrade junit version to 4.13.1 to resolve CVE-2020-15250 and fix test dependency leak", "url": "https://lists.apache.org/thread.html/rde8e70b95c992378e8570e4df400c6008a9839eabdfb8f800a3e5af6@%3Ccommits.pulsar.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[pulsar-commits] 20210414 [GitHub] [pulsar] lhotari commented on pull request #10147: [Security] Upgrade junit version to 4.13.1 to resolve CVE-2020-15250 and fix test dependency leak", + "url": "https://lists.apache.org/thread.html/rdef7d1380c86e7c0edf8a0f89a2a8db86fce5e363457d56b722691b4@%3Ccommits.pulsar.apache.org%3E" } ] }, diff --git a/2020/36xxx/CVE-2020-36323.json b/2020/36xxx/CVE-2020-36323.json new file mode 100644 index 00000000000..85930cb2cbf --- /dev/null +++ b/2020/36xxx/CVE-2020-36323.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-36323", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the standard library in Rust before 1.50.3, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/rust-lang/rust/issues/80335", + "refsource": "MISC", + "name": "https://github.com/rust-lang/rust/issues/80335" + }, + { + "url": "https://github.com/rust-lang/rust/pull/81728", + "refsource": "MISC", + "name": "https://github.com/rust-lang/rust/pull/81728" + } + ] + } +} \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31162.json b/2021/31xxx/CVE-2021-31162.json new file mode 100644 index 00000000000..e10202977c4 --- /dev/null +++ b/2021/31xxx/CVE-2021-31162.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-31162", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the standard library in Rust before 1.53.0, a double free can occur in the Vec::from_iter function if freeing the element panics." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/rust-lang/rust/issues/83618", + "refsource": "MISC", + "name": "https://github.com/rust-lang/rust/issues/83618" + }, + { + "url": "https://github.com/rust-lang/rust/pull/83629", + "refsource": "MISC", + "name": "https://github.com/rust-lang/rust/pull/83629" + } + ] + } +} \ No newline at end of file