From 27ff26ab2c4d858ef1058d22679c25110f5e24b5 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 18 Apr 2021 19:00:42 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/23xxx/CVE-2021-23374.json | 12 +++++++----- 2021/23xxx/CVE-2021-23375.json | 12 +++++++----- 2021/23xxx/CVE-2021-23376.json | 12 +++++++----- 2021/23xxx/CVE-2021-23377.json | 12 +++++++----- 2021/23xxx/CVE-2021-23378.json | 12 +++++++----- 2021/23xxx/CVE-2021-23379.json | 12 +++++++----- 2021/23xxx/CVE-2021-23380.json | 12 +++++++----- 2021/23xxx/CVE-2021-23381.json | 12 +++++++----- 8 files changed, 56 insertions(+), 40 deletions(-) diff --git a/2021/23xxx/CVE-2021-23374.json b/2021/23xxx/CVE-2021-23374.json index 5dec5ad1b44..79ea4f5dc82 100644 --- a/2021/23xxx/CVE-2021-23374.json +++ b/2021/23xxx/CVE-2021-23374.json @@ -48,12 +48,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JS-PSVISITOR-1078544" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JS-PSVISITOR-1078544", + "name": "https://snyk.io/vuln/SNYK-JS-PSVISITOR-1078544" }, { - "refsource": "CONFIRM", - "url": "https://github.com/WisdomKwan/ps-visitor/blob/cdfc934a8e4af95aa0473f4b2a4bd091d09faf2f/index.js%23L404" + "refsource": "MISC", + "url": "https://github.com/WisdomKwan/ps-visitor/blob/cdfc934a8e4af95aa0473f4b2a4bd091d09faf2f/index.js%23L404", + "name": "https://github.com/WisdomKwan/ps-visitor/blob/cdfc934a8e4af95aa0473f4b2a4bd091d09faf2f/index.js%23L404" } ] }, @@ -61,7 +63,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects all versions of package ps-visitor.\n If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands.\r\nThis is due to use of the child_process exec function without input sanitization.\r\n\r\n\r\n" + "value": "This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization." } ] }, diff --git a/2021/23xxx/CVE-2021-23375.json b/2021/23xxx/CVE-2021-23375.json index ada21e08a19..c8b7545423d 100644 --- a/2021/23xxx/CVE-2021-23375.json +++ b/2021/23xxx/CVE-2021-23375.json @@ -48,12 +48,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JS-PSNODE-1078543" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JS-PSNODE-1078543", + "name": "https://snyk.io/vuln/SNYK-JS-PSNODE-1078543" }, { - "refsource": "CONFIRM", - "url": "https://github.com/nrako/psnode/blob/076f623689e4506d3647505daca13b3f482e0c31/lib/index.js%23L59" + "refsource": "MISC", + "url": "https://github.com/nrako/psnode/blob/076f623689e4506d3647505daca13b3f482e0c31/lib/index.js%23L59", + "name": "https://github.com/nrako/psnode/blob/076f623689e4506d3647505daca13b3f482e0c31/lib/index.js%23L59" } ] }, @@ -61,7 +63,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects all versions of package psnode.\n If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands.\r\nThis is due to use of the child_process exec function without input sanitization.\r\n\r\n\r\n" + "value": "This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization." } ] }, diff --git a/2021/23xxx/CVE-2021-23376.json b/2021/23xxx/CVE-2021-23376.json index 034d5cdb234..26bc9ba9123 100644 --- a/2021/23xxx/CVE-2021-23376.json +++ b/2021/23xxx/CVE-2021-23376.json @@ -48,12 +48,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JS-FFMPEGDOTJS-1078542" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JS-FFMPEGDOTJS-1078542", + "name": "https://snyk.io/vuln/SNYK-JS-FFMPEGDOTJS-1078542" }, { - "refsource": "CONFIRM", - "url": "https://github.com/TRomesh/ffmpegdotjs/blob/b7395daf0bdcb81218340427eb7073cdd28462af/index.js%23L219" + "refsource": "MISC", + "url": "https://github.com/TRomesh/ffmpegdotjs/blob/b7395daf0bdcb81218340427eb7073cdd28462af/index.js%23L219", + "name": "https://github.com/TRomesh/ffmpegdotjs/blob/b7395daf0bdcb81218340427eb7073cdd28462af/index.js%23L219" } ] }, @@ -61,7 +63,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects all versions of package ffmpegdotjs.\n If attacker-controlled user input is given to the trimvideo function, it is possible for an attacker to execute arbitrary commands.\r\nThis is due to use of the child_process exec function without input sanitization.\r\n\r\n\r\n" + "value": "This affects all versions of package ffmpegdotjs. If attacker-controlled user input is given to the trimvideo function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization." } ] }, diff --git a/2021/23xxx/CVE-2021-23377.json b/2021/23xxx/CVE-2021-23377.json index 94ccb30374d..d280ebde340 100644 --- a/2021/23xxx/CVE-2021-23377.json +++ b/2021/23xxx/CVE-2021-23377.json @@ -48,12 +48,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JS-ONIONOLEDJS-1078808" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JS-ONIONOLEDJS-1078808", + "name": "https://snyk.io/vuln/SNYK-JS-ONIONOLEDJS-1078808" }, { - "refsource": "CONFIRM", - "url": "https://github.com/naddeoa/onion-oled-js/blob/8a523645d2cc29130f98de661b742893773d760d/src/oled-exp.js%23L91" + "refsource": "MISC", + "url": "https://github.com/naddeoa/onion-oled-js/blob/8a523645d2cc29130f98de661b742893773d760d/src/oled-exp.js%23L91", + "name": "https://github.com/naddeoa/onion-oled-js/blob/8a523645d2cc29130f98de661b742893773d760d/src/oled-exp.js%23L91" } ] }, @@ -61,7 +63,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects all versions of package onion-oled-js.\n If attacker-controlled user input is given to the scroll function, it is possible for an attacker to execute arbitrary commands.\r\nThis is due to use of the child_process exec function without input sanitization.\r\n\r\n\r\n" + "value": "This affects all versions of package onion-oled-js. If attacker-controlled user input is given to the scroll function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization." } ] }, diff --git a/2021/23xxx/CVE-2021-23378.json b/2021/23xxx/CVE-2021-23378.json index 15264050a7a..6d598173370 100644 --- a/2021/23xxx/CVE-2021-23378.json +++ b/2021/23xxx/CVE-2021-23378.json @@ -48,12 +48,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JS-PICOTTS-1078539" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JS-PICOTTS-1078539", + "name": "https://snyk.io/vuln/SNYK-JS-PICOTTS-1078539" }, { - "refsource": "CONFIRM", - "url": "https://github.com/luisivan/node-picotts/blob/8c6b183b884890c8e9422f93036b374942398c8b/index.js%23L16" + "refsource": "MISC", + "url": "https://github.com/luisivan/node-picotts/blob/8c6b183b884890c8e9422f93036b374942398c8b/index.js%23L16", + "name": "https://github.com/luisivan/node-picotts/blob/8c6b183b884890c8e9422f93036b374942398c8b/index.js%23L16" } ] }, @@ -61,7 +63,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects all versions of package picotts.\n If attacker-controlled user input is given to the say function, it is possible for an attacker to execute arbitrary commands.\r\nThis is due to use of the child_process exec function without input sanitization.\r\n\r\n\r\n" + "value": "This affects all versions of package picotts. If attacker-controlled user input is given to the say function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization." } ] }, diff --git a/2021/23xxx/CVE-2021-23379.json b/2021/23xxx/CVE-2021-23379.json index 37126697036..e512f6a6cca 100644 --- a/2021/23xxx/CVE-2021-23379.json +++ b/2021/23xxx/CVE-2021-23379.json @@ -48,12 +48,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JS-PORTKILLER-1078537" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JS-PORTKILLER-1078537", + "name": "https://snyk.io/vuln/SNYK-JS-PORTKILLER-1078537" }, { - "refsource": "CONFIRM", - "url": "https://github.com/indatawetrust/portkiller/blob/f1f1c5076d9c5d60e8dd3930e98d665d8191aa7a/index.js%23L10" + "refsource": "MISC", + "url": "https://github.com/indatawetrust/portkiller/blob/f1f1c5076d9c5d60e8dd3930e98d665d8191aa7a/index.js%23L10", + "name": "https://github.com/indatawetrust/portkiller/blob/f1f1c5076d9c5d60e8dd3930e98d665d8191aa7a/index.js%23L10" } ] }, @@ -61,7 +63,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects all versions of package portkiller.\n If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands.\r\nThis is due to use of the child_process exec function without input sanitization.\r\n\r\n\r\n" + "value": "This affects all versions of package portkiller. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization." } ] }, diff --git a/2021/23xxx/CVE-2021-23380.json b/2021/23xxx/CVE-2021-23380.json index be75c39a6eb..7154dcfcd3f 100644 --- a/2021/23xxx/CVE-2021-23380.json +++ b/2021/23xxx/CVE-2021-23380.json @@ -48,12 +48,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JS-ROARPIDUSAGE-1078528" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JS-ROARPIDUSAGE-1078528", + "name": "https://snyk.io/vuln/SNYK-JS-ROARPIDUSAGE-1078528" }, { - "refsource": "CONFIRM", - "url": "https://github.com/Svjard/pidusage/blob/772cd2bd675ff7b1244b6fe3d7541692b1b9e42c/lib/stats.js%23L103" + "refsource": "MISC", + "url": "https://github.com/Svjard/pidusage/blob/772cd2bd675ff7b1244b6fe3d7541692b1b9e42c/lib/stats.js%23L103", + "name": "https://github.com/Svjard/pidusage/blob/772cd2bd675ff7b1244b6fe3d7541692b1b9e42c/lib/stats.js%23L103" } ] }, @@ -61,7 +63,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects all versions of package roar-pidusage.\n If attacker-controlled user input is given to the stat function of this package on certain operating systems, it is possible for an attacker to execute arbitrary commands.\r\nThis is due to use of the child_process exec function without input sanitization.\r\n\r\n\r\n" + "value": "This affects all versions of package roar-pidusage. If attacker-controlled user input is given to the stat function of this package on certain operating systems, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization." } ] }, diff --git a/2021/23xxx/CVE-2021-23381.json b/2021/23xxx/CVE-2021-23381.json index e70c2e55055..da272ec59de 100644 --- a/2021/23xxx/CVE-2021-23381.json +++ b/2021/23xxx/CVE-2021-23381.json @@ -48,12 +48,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JS-KILLING-1078532" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JS-KILLING-1078532", + "name": "https://snyk.io/vuln/SNYK-JS-KILLING-1078532" }, { - "refsource": "CONFIRM", - "url": "https://github.com/xudafeng/killing/blob/672ed164ccdd10c0a8fb93c5c6d2456f1dfab781/lib/killing.js%23L62" + "refsource": "MISC", + "url": "https://github.com/xudafeng/killing/blob/672ed164ccdd10c0a8fb93c5c6d2456f1dfab781/lib/killing.js%23L62", + "name": "https://github.com/xudafeng/killing/blob/672ed164ccdd10c0a8fb93c5c6d2456f1dfab781/lib/killing.js%23L62" } ] }, @@ -61,7 +63,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects all versions of package killing.\n If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands.\r\nThis is due to use of the child_process exec function without input sanitization.\r\n\r\n\r\n" + "value": "This affects all versions of package killing. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization." } ] },