admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-06-24 21:00:44 +00:00
parent 36a0a2933d
commit 25463c7467
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
24 changed files with 1354 additions and 141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2022/21xxx/CVE-2022-21231.json
View File

@ -48,8 +48,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-DEEPGETSET-2342655"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-DEEPGETSET-2342655",
"name": "https://snyk.io/vuln/SNYK-JS-DEEPGETSET-2342655"
}
]
},
@ -57,7 +58,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function.\r\n\r\n**Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7715](https://security.snyk.io/vuln/SNYK-JS-DEEPGETSET-598666)\r\n\r\n\r\n"
"value": "All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7715](https://security.snyk.io/vuln/SNYK-JS-DEEPGETSET-598666)"
}
]
},

66
2022/30xxx/CVE-2022-30885.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30885",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-30885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** Reserved ** The pyesasky for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.2.0-1.4.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/pyesasky/",
"refsource": "MISC",
"name": "https://pypi.org/project/pyesasky/"
},
{
"url": "https://github.com/esdc-esac-esa-int/pyesasky/issues/39",
"refsource": "MISC",
"name": "https://github.com/esdc-esac-esa-int/pyesasky/issues/39"
}
]
}

66
2022/32xxx/CVE-2022-32996.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32996",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/django-navbar-client/",
"refsource": "MISC",
"name": "https://pypi.org/project/django-navbar-client/"
},
{
"url": "https://github.com/josubg/django_navbar_client/issues/1",
"refsource": "MISC",
"name": "https://github.com/josubg/django_navbar_client/issues/1"
}
]
}

66
2022/32xxx/CVE-2022-32997.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32997",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/RootInteractive/",
"refsource": "MISC",
"name": "https://pypi.org/project/RootInteractive/"
},
{
"url": "https://github.com/miranov25/RootInteractive/issues/206",
"refsource": "MISC",
"name": "https://github.com/miranov25/RootInteractive/issues/206"
}
]
}

66
2022/32xxx/CVE-2022-32998.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32998",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/cryptoasset-data-downloader/",
"refsource": "MISC",
"name": "https://pypi.org/project/cryptoasset-data-downloader/"
},
{
"url": "https://github.com/serhatci/cryptocurrency-historical-data-downloader/issues/8",
"refsource": "MISC",
"name": "https://github.com/serhatci/cryptocurrency-historical-data-downloader/issues/8"
}
]
}

66
2022/32xxx/CVE-2022-32999.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32999",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The cloudlabeling package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/cloudlabeling/",
"refsource": "MISC",
"name": "https://pypi.org/project/cloudlabeling/"
},
{
"url": "https://github.com/SilvioGiancola/CloudLabeling-API/issues/1",
"refsource": "MISC",
"name": "https://github.com/SilvioGiancola/CloudLabeling-API/issues/1"
}
]
}

66
2022/33xxx/CVE-2022-33000.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-33000",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-33000",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/ml-scanner/",
"refsource": "MISC",
"name": "https://pypi.org/project/ml-scanner/"
},
{
"url": "https://github.com/bOrionis/mls/issues/1",
"refsource": "MISC",
"name": "https://github.com/bOrionis/mls/issues/1"
}
]
}

66
2022/33xxx/CVE-2022-33001.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-33001",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-33001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/AAmiles/",
"refsource": "MISC",
"name": "https://pypi.org/project/AAmiles/"
},
{
"url": "https://github.com/bOrionis/AAmiles/issues/1",
"refsource": "MISC",
"name": "https://github.com/bOrionis/AAmiles/issues/1"
}
]
}

66
2022/33xxx/CVE-2022-33002.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-33002",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-33002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The KGExplore package in PyPI v0.1.1 to v0.1.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/kgexplore/",
"refsource": "MISC",
"name": "https://pypi.org/project/kgexplore/"
},
{
"url": "https://github.com/smoothnlp/KGExplore/issues/13",
"refsource": "MISC",
"name": "https://github.com/smoothnlp/KGExplore/issues/13"
}
]
}

66
2022/33xxx/CVE-2022-33003.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-33003",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-33003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The watools package in PyPI v0.0.1 to v0.0.8 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/watools/",
"refsource": "MISC",
"name": "https://pypi.org/project/watools/"
},
{
"url": "https://github.com/wateraccounting/watools/issues/5",
"refsource": "MISC",
"name": "https://github.com/wateraccounting/watools/issues/5"
}
]
}

66
2022/33xxx/CVE-2022-33004.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-33004",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-33004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/beginner/",
"refsource": "MISC",
"name": "https://pypi.org/project/beginner/"
},
{
"url": "https://github.com/Dreambuilder4028/coder/issues/1",
"refsource": "MISC",
"name": "https://github.com/Dreambuilder4028/coder/issues/1"
}
]
}

56
2022/33xxx/CVE-2022-33121.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-33121",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-33121",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-Site Request Forgery (CSRF) in MiniCMS v1.11 allows attackers to arbitrarily delete local .dat files via clicking on a malicious link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/bg5sbk/MiniCMS/issues/45",
"refsource": "MISC",
"name": "https://github.com/bg5sbk/MiniCMS/issues/45"
}
]
}

56
2022/33xxx/CVE-2022-33122.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-33122",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-33122",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A stored cross-site scripting (XSS) vulnerability in eyoucms v1.5.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL field under the login page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/eyoucms/eyoucms/issues/24",
"refsource": "MISC",
"name": "https://github.com/eyoucms/eyoucms/issues/24"
}
]
}

66
2022/34xxx/CVE-2022-34053.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34053",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/dr-web-engine/",
"refsource": "MISC",
"name": "https://pypi.org/project/dr-web-engine/"
},
{
"url": "https://github.com/ylliprifti/dr-web-engine/issues/4",
"refsource": "MISC",
"name": "https://github.com/ylliprifti/dr-web-engine/issues/4"
}
]
}

66
2022/34xxx/CVE-2022-34054.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34054",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34054",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/perdido/",
"refsource": "MISC",
"name": "https://pypi.org/project/perdido/"
},
{
"url": "https://github.com/ludovicmoncla/perdido/issues/1",
"refsource": "MISC",
"name": "https://github.com/ludovicmoncla/perdido/issues/1"
}
]
}

66
2022/34xxx/CVE-2022-34055.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34055",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/drxhello/",
"refsource": "MISC",
"name": "https://pypi.org/project/drxhello/"
},
{
"url": "https://github.com/drewxa/summer-tasks/issues/4",
"refsource": "MISC",
"name": "https://github.com/drewxa/summer-tasks/issues/4"
}
]
}

66
2022/34xxx/CVE-2022-34056.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34056",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/watertools/",
"refsource": "MISC",
"name": "https://pypi.org/project/watertools/"
},
{
"url": "https://github.com/TimHessels/watertools/issues/1",
"refsource": "MISC",
"name": "https://github.com/TimHessels/watertools/issues/1"
}
]
}

61
2022/34xxx/CVE-2022-34057.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34057",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34057",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/scoptrial/",
"refsource": "MISC",
"name": "https://pypi.org/project/scoptrial/"
}
]
}

66
2022/34xxx/CVE-2022-34059.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34059",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34059",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/sixfab-tool/",
"refsource": "MISC",
"name": "https://pypi.org/project/sixfab-tool/"
},
{
"url": "https://github.com/sixfab/setup-and-diagnostic-tool/issues/7",
"refsource": "MISC",
"name": "https://github.com/sixfab/setup-and-diagnostic-tool/issues/7"
}
]
}

66
2022/34xxx/CVE-2022-34060.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34060",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34060",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/togglee/",
"refsource": "MISC",
"name": "https://pypi.org/project/togglee/"
},
{
"url": "https://github.com/togglee/togglee-python/issues/2",
"refsource": "MISC",
"name": "https://github.com/togglee/togglee-python/issues/2"
}
]
}

66
2022/34xxx/CVE-2022-34061.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34061",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34061",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/catly-translate/",
"refsource": "MISC",
"name": "https://pypi.org/project/catly-translate/"
},
{
"url": "https://github.com/CatNeverCodes/catly_translate/issues/1",
"refsource": "MISC",
"name": "https://github.com/CatNeverCodes/catly_translate/issues/1"
}
]
}

61
2022/34xxx/CVE-2022-34064.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34064",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/zibal/",
"refsource": "MISC",
"name": "https://pypi.org/project/zibal/"
}
]
}

66
2022/34xxx/CVE-2022-34065.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34065",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Rondolu-YT-Concate package in PyPI v0.1.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/rondolu-yt-concate/",
"refsource": "MISC",
"name": "https://pypi.org/project/rondolu-yt-concate/"
},
{
"url": "https://github.com/rondolu/project-yt-concate/issues/1",
"refsource": "MISC",
"name": "https://github.com/rondolu/project-yt-concate/issues/1"
}
]
}

66
2022/34xxx/CVE-2022-34066.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-34066",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-34066",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Texercise package in PyPI v0.0.1 to v0.0.12 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://pypi.doubanio.com/simple/request",
"refsource": "MISC",
"name": "http://pypi.doubanio.com/simple/request"
},
{
"url": "https://pypi.org/project/texercise/",
"refsource": "MISC",
"name": "https://pypi.org/project/texercise/"
},
{
"url": "https://github.com/rasmushaugaard/texercise-cli/issues/1",
"refsource": "MISC",
"name": "https://github.com/rasmushaugaard/texercise-cli/issues/1"
}
]
}