"-Synchronized-Data."

2025-06-19 17:32:41 +00:00 · 2020-01-30 19:01:25 +00:00 · 2020-01-30 19:01:25 +00:00 · 24abf8c61f
commit 24abf8c61f
parent 536030b7dc
7 changed files with 107 additions and 6 deletions
--- a/2019/14xxx/CVE-2019-14615.json
+++ b/2019/14xxx/CVE-2019-14615.json
@ -49,6 +49,11 @@
                "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html",
                "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html"
            },
+            {
+                "refsource": "UBUNTU",
+                "name": "USN-4253-1",
+                "url": "https://usn.ubuntu.com/4253-1/"
+            },
            {
                "refsource": "UBUNTU",
                "name": "USN-4254-1",
--- a/2019/17xxx/CVE-2019-17570.json
+++ b/2019/17xxx/CVE-2019-17570.json
@ -58,6 +58,11 @@
                "refsource": "MLIST",
                "name": "[oss-security] 20200124 RE: [CVE-2019-17570] xmlrpc-common untrusted deserialization",
                "url": "http://www.openwall.com/lists/oss-security/2020/01/24/2"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[debian-lts-announce] 20200130 [SECURITY] [DLA 2078-1] libxmlrpc3-java security update",
+                "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00033.html"
            }
        ]
    },
--- a/2020/5xxx/CVE-2020-5233.json
+++ b/2020/5xxx/CVE-2020-5233.json
@ -35,7 +35,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker.\n\nThis has been patched in version 5.0."
+                "value": "OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker. This has been patched in version 5.0."
            }
        ]
    },
--- a/2020/8xxx/CVE-2020-8093.json
+++ b/2020/8xxx/CVE-2020-8093.json
@ -81,8 +81,9 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://www.bitdefender.com/support/security-advisories/code-injection-into-bitdefender-antivirus-for-mac-va-3441/"
+                "refsource": "MISC",
+                "url": "https://www.bitdefender.com/support/security-advisories/code-injection-into-bitdefender-antivirus-for-mac-va-3441/",
+                "name": "https://www.bitdefender.com/support/security-advisories/code-injection-into-bitdefender-antivirus-for-mac-va-3441/"
            }
        ]
    },
--- a/2020/8xxx/CVE-2020-8491.json
+++ b/2020/8xxx/CVE-2020-8491.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2020-8491",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2020/8xxx/CVE-2020-8492.json
+++ b/2020/8xxx/CVE-2020-8492.json
@ -0,0 +1,72 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2020-8492",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugs.python.org/issue39503",
+                "refsource": "MISC",
+                "name": "https://bugs.python.org/issue39503"
+            },
+            {
+                "url": "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+                "refsource": "MISC",
+                "name": "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html"
+            },
+            {
+                "url": "https://github.com/python/cpython/pull/18284",
+                "refsource": "MISC",
+                "name": "https://github.com/python/cpython/pull/18284"
+            }
+        ]
+    }
+}