From 200cb9186f5007964a74af3c6ddfaf5389318421 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 15 Nov 2022 17:00:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/3xxx/CVE-2022-3997.json | 14 ++++++--- 2022/3xxx/CVE-2022-3998.json | 12 +++++--- 2022/43xxx/CVE-2022-43071.json | 56 ++++++++++++++++++++++++++++++---- 2022/45xxx/CVE-2022-45442.json | 18 +++++++++++ 4 files changed, 85 insertions(+), 15 deletions(-) create mode 100644 2022/45xxx/CVE-2022-45442.json diff --git a/2022/3xxx/CVE-2022-3997.json b/2022/3xxx/CVE-2022-3997.json index 40206f72925..4edd4490aa9 100644 --- a/2022/3xxx/CVE-2022-3997.json +++ b/2022/3xxx/CVE-2022-3997.json @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -49,7 +49,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability, which was classified as critical, has been found in MonikaBrzica scm. Affected by this issue is some unknown functionality of the file upis_u_bazu.php. The manipulation of the argument email\/lozinka\/ime\/id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-213698 is the identifier assigned to this vulnerability." + "value": "A vulnerability, which was classified as critical, has been found in MonikaBrzica scm. Affected by this issue is some unknown functionality of the file upis_u_bazu.php. The manipulation of the argument email/lozinka/ime/id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-213698 is the identifier assigned to this vulnerability." } ] }, @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "6.3", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/MonikaBrzica\/scm\/issues\/2" + "url": "https://github.com/MonikaBrzica/scm/issues/2", + "refsource": "MISC", + "name": "https://github.com/MonikaBrzica/scm/issues/2" }, { - "url": "https:\/\/vuldb.com\/?id.213698" + "url": "https://vuldb.com/?id.213698", + "refsource": "MISC", + "name": "https://vuldb.com/?id.213698" } ] } diff --git a/2022/3xxx/CVE-2022-3998.json b/2022/3xxx/CVE-2022-3998.json index cb7128e2414..ab455c250d6 100644 --- a/2022/3xxx/CVE-2022-3998.json +++ b/2022/3xxx/CVE-2022-3998.json @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "6.3", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/MonikaBrzica\/scm\/issues\/1" + "url": "https://github.com/MonikaBrzica/scm/issues/1", + "refsource": "MISC", + "name": "https://github.com/MonikaBrzica/scm/issues/1" }, { - "url": "https:\/\/vuldb.com\/?id.213699" + "url": "https://vuldb.com/?id.213699", + "refsource": "MISC", + "name": "https://vuldb.com/?id.213699" } ] } diff --git a/2022/43xxx/CVE-2022-43071.json b/2022/43xxx/CVE-2022-43071.json index e14b379c2e2..69e296233ca 100644 --- a/2022/43xxx/CVE-2022-43071.json +++ b/2022/43xxx/CVE-2022-43071.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-43071", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-43071", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=42349&p=43959#p43959", + "refsource": "MISC", + "name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=42349&p=43959#p43959" } ] } diff --git a/2022/45xxx/CVE-2022-45442.json b/2022/45xxx/CVE-2022-45442.json new file mode 100644 index 00000000000..fa784e6ef3f --- /dev/null +++ b/2022/45xxx/CVE-2022-45442.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-45442", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file