From 2930957d6ddfbfb3575acae7607ca760ccd6251c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 9 Jul 2021 12:00:56 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2012/2xxx/CVE-2012-2689.json | 14 ++++---- 2012/4xxx/CVE-2012-4509.json | 14 ++++---- 2012/5xxx/CVE-2012-5632.json | 14 ++++---- 2012/6xxx/CVE-2012-6688.json | 14 ++++---- 2020/35xxx/CVE-2020-35452.json | 5 +++ 2021/26xxx/CVE-2021-26690.json | 5 +++ 2021/26xxx/CVE-2021-26691.json | 5 +++ 2021/30xxx/CVE-2021-30641.json | 5 +++ 2021/31xxx/CVE-2021-31618.json | 5 +++ 2021/36xxx/CVE-2021-36153.json | 66 ++++++++++++++++++++++++++++++---- 2021/36xxx/CVE-2021-36154.json | 66 ++++++++++++++++++++++++++++++---- 2021/36xxx/CVE-2021-36155.json | 66 ++++++++++++++++++++++++++++++---- 12 files changed, 233 insertions(+), 46 deletions(-) diff --git a/2012/2xxx/CVE-2012-2689.json b/2012/2xxx/CVE-2012-2689.json index 27f88e38526..e6419cb7e41 100644 --- a/2012/2xxx/CVE-2012-2689.json +++ b/2012/2xxx/CVE-2012-2689.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-2689", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-2689", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." } ] } diff --git a/2012/4xxx/CVE-2012-4509.json b/2012/4xxx/CVE-2012-4509.json index 574d9c4e67f..0b991d2db45 100644 --- a/2012/4xxx/CVE-2012-4509.json +++ b/2012/4xxx/CVE-2012-4509.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-4509", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-4509", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." } ] } diff --git a/2012/5xxx/CVE-2012-5632.json b/2012/5xxx/CVE-2012-5632.json index e077c28b778..3c23baeb86a 100644 --- a/2012/5xxx/CVE-2012-5632.json +++ b/2012/5xxx/CVE-2012-5632.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-5632", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-5632", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." } ] } diff --git a/2012/6xxx/CVE-2012-6688.json b/2012/6xxx/CVE-2012-6688.json index bcc8806bfe4..04da29e468a 100644 --- a/2012/6xxx/CVE-2012-6688.json +++ b/2012/6xxx/CVE-2012-6688.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2012-6688", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-6688", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." } ] } diff --git a/2020/35xxx/CVE-2020-35452.json b/2020/35xxx/CVE-2020-35452.json index d5818030094..4a21cc61cd8 100644 --- a/2020/35xxx/CVE-2020-35452.json +++ b/2020/35xxx/CVE-2020-35452.json @@ -243,6 +243,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4937", + "url": "https://www.debian.org/security/2021/dsa-4937" } ] }, diff --git a/2021/26xxx/CVE-2021-26690.json b/2021/26xxx/CVE-2021-26690.json index 0c7434e4c04..092f5e15a26 100644 --- a/2021/26xxx/CVE-2021-26690.json +++ b/2021/26xxx/CVE-2021-26690.json @@ -243,6 +243,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4937", + "url": "https://www.debian.org/security/2021/dsa-4937" } ] }, diff --git a/2021/26xxx/CVE-2021-26691.json b/2021/26xxx/CVE-2021-26691.json index 70cf5136c88..61eb83d13b7 100644 --- a/2021/26xxx/CVE-2021-26691.json +++ b/2021/26xxx/CVE-2021-26691.json @@ -243,6 +243,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4937", + "url": "https://www.debian.org/security/2021/dsa-4937" } ] }, diff --git a/2021/30xxx/CVE-2021-30641.json b/2021/30xxx/CVE-2021-30641.json index 63ccbcf1b8d..ce660e82676 100644 --- a/2021/30xxx/CVE-2021-30641.json +++ b/2021/30xxx/CVE-2021-30641.json @@ -118,6 +118,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4937", + "url": "https://www.debian.org/security/2021/dsa-4937" } ] }, diff --git a/2021/31xxx/CVE-2021-31618.json b/2021/31xxx/CVE-2021-31618.json index 4aa527f33d7..11232b6b11b 100644 --- a/2021/31xxx/CVE-2021-31618.json +++ b/2021/31xxx/CVE-2021-31618.json @@ -107,6 +107,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4937", + "url": "https://www.debian.org/security/2021/dsa-4937" } ] }, diff --git a/2021/36xxx/CVE-2021-36153.json b/2021/36xxx/CVE-2021-36153.json index c55df0d8b9e..a27a3405383 100644 --- a/2021/36xxx/CVE-2021-36153.json +++ b/2021/36xxx/CVE-2021-36153.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-36153", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-36153", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35267", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35267" + }, + { + "url": "https://github.com/grpc/grpc-swift/releases", + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/releases" + }, + { + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-2jx2-qcm4-rf9h", + "url": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-2jx2-qcm4-rf9h" } ] } diff --git a/2021/36xxx/CVE-2021-36154.json b/2021/36xxx/CVE-2021-36154.json index 83f3a05e74a..20d0f2f32e7 100644 --- a/2021/36xxx/CVE-2021-36154.json +++ b/2021/36xxx/CVE-2021-36154.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-36154", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-36154", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/grpc/grpc-swift/releases", + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/releases" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35274", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35274" + }, + { + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-4rhq-vq24-88gw", + "url": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-4rhq-vq24-88gw" } ] } diff --git a/2021/36xxx/CVE-2021-36155.json b/2021/36xxx/CVE-2021-36155.json index fb094ff7188..fcd33d48c4a 100644 --- a/2021/36xxx/CVE-2021-36155.json +++ b/2021/36xxx/CVE-2021-36155.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-36155", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-36155", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LengthPrefixedMessageReader in gRPC Swift 1.1.0 and earlier allocates buffers of arbitrary length, which allows remote attackers to cause uncontrolled resource consumption and deny service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/grpc/grpc-swift/releases", + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/releases" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35303", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35303" + }, + { + "refsource": "MISC", + "name": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-rxmj-hg9v-vp3p", + "url": "https://github.com/grpc/grpc-swift/security/advisories/GHSA-rxmj-hg9v-vp3p" } ] }