"-Synchronized-Data."

CVE Team 2022-11-17 00:00:33 +00:00
parent 09ace2d8f2
commit 2a10cecfff
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 327 additions and 22 deletions


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-38819",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-38819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through \"id\" parameter on the album page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/m4sk0ff/CVE-2021-38819/blob/main/CVE-2021-38819.md",
"url": "https://github.com/m4sk0ff/CVE-2021-38819/blob/main/CVE-2021-38819.md"
}
]
}
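Review bot: The new `affects` block still carries `"product_name": "n/a"`, `"version_value": "n/a"` and `"vendor_name": "n/a"`, and `problemtype` is `"n/a"`, although the new description names the product and version (Simple Image Gallery System 1.0) and the weakness class (SQL injection). Consumers that match records on the structured fields rather than the free text will not associate this entry with the product, so I would fill them in, e.g. `"product_name": "Simple Image Gallery System"`, `"version_value": "1.0"`, and a problemtype of `"CWE-89"` if the assigner confirms that mapping. The description also has a typo, "exits" for "exists". The same `n/a` placeholders appear in the CVE-2022-42960 section, where the description lists the affected EqualWeb widget versions and names DOM XSS.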


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42960",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-42960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "EqualWeb Accessibility Widget 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.10, 3.0.0, 3.0.1, 3.0.2, 4.0.0, and 4.0.1 allows DOM XSS due to improper validation of message events to accessibility.js."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.imperva.com/blog/vulnerability-discovered-in-equalweb-accessibility-widget/",
"url": "https://www.imperva.com/blog/vulnerability-discovered-in-equalweb-accessibility-widget/"
}
]
}


@ -1,18 +1,157 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43781",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@atlassian.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the Bitbucket Server and Data Center instance has enabled \u201cAllow public signup\u201d."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "RCE (Remote Code Execution)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atlassian",
"product": {
"product_data": [
{
"product_name": "Bitbucket Data Center",
"version": {
"version_data": [
{
"version_value": "before 7.0",
"version_affected": "!"
},
{
"version_value": "before 7.17.12",
"version_affected": "="
},
{
"version_value": "before 7.21.6",
"version_affected": "="
},
{
"version_value": "before 7.6.19",
"version_affected": "="
},
{
"version_value": "before 8.0.5",
"version_affected": "="
},
{
"version_value": "before 8.1.5",
"version_affected": "="
},
{
"version_value": "before 8.2.4",
"version_affected": "="
},
{
"version_value": "before 8.3.3",
"version_affected": "="
},
{
"version_value": "before 8.4.2",
"version_affected": "="
},
{
"version_value": "before 8.5.0",
"version_affected": "="
}
]
}
},
{
"product_name": "Bitbucket Server",
"version": {
"version_data": [
{
"version_value": "before 7.0",
"version_affected": "!"
},
{
"version_value": "before 7.17.12",
"version_affected": "="
},
{
"version_value": "before 7.21.6",
"version_affected": "="
},
{
"version_value": "before 7.6.19",
"version_affected": "="
},
{
"version_value": "before 8.0.5",
"version_affected": "="
},
{
"version_value": "before 8.1.5",
"version_affected": "="
},
{
"version_value": "before 8.2.4",
"version_affected": "="
},
{
"version_value": "before 8.3.3",
"version_affected": "="
},
{
"version_value": "before 8.4.2",
"version_affected": "="
},
{
"version_value": "before 8.5.0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://confluence.atlassian.com/x/Y4hXRg",
"refsource": "MISC",
"name": "https://confluence.atlassian.com/x/Y4hXRg"
},
{
"url": "https://jira.atlassian.com/browse/BSERV-13522",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/BSERV-13522"
}
]
},
"credits": [
{
"lang": "en",
"value": "https://github.com/Ry0taK"
}
]
}
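Review bot: Every `version_data` entry for both Bitbucket products pairs a prose bound such as `"version_value": "before 7.17.12"` with `"version_affected": "="`, and `"before 7.0"` with `"!"`, so the operator field says "exactly this version" (or "not this version") about a string that is not a version. Tooling that evaluates `version_affected` against `version_value` would likely match no installed version and leave affected instances unflagged. I would move the comparison into the operator, e.g. `"version_value": "7.17.12", "version_affected": "<"` and `"version_value": "7.0", "version_affected": "!<"`, keeping in mind that a bare `<` per release line also needs that line's lower bound stated so the ranges do not overlap. The CVE-2022-43782 section uses the same pattern for Crowd.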


@ -1,18 +1,96 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43782",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@atlassian.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd's REST API under the {{usermanagement}} path. This vulnerability can only be exploited by IPs specified under the crowd application allowlist in the Remote Addresses configuration, which is {{none}} by default. The affected versions are all versions 3.x.x, versions 4.x.x before version 4.4.4, and versions 5.x.x before 5.0.3"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Misconfiguration"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atlassian",
"product": {
"product_data": [
{
"product_name": "Crowd Data Center",
"version": {
"version_data": [
{
"version_value": "before 3.0.0",
"version_affected": "!"
},
{
"version_value": "before 4.4.4",
"version_affected": "="
},
{
"version_value": "before 5.0.3",
"version_affected": "="
}
]
}
},
{
"product_name": "Crowd Server",
"version": {
"version_data": [
{
"version_value": "before 3.0.0",
"version_affected": "!"
},
{
"version_value": "before 4.4.4",
"version_affected": "="
},
{
"version_value": "before 5.0.3",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/CWD-5888",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CWD-5888"
}
]
},
"credits": [
{
"lang": "en",
"value": "Ashish Kotha"
}
]
}
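Review bot: The new description still contains issue-tracker markup, `{{usermanagement}}` and `{{none}}`, which CVE consumers will display literally, and it ends without a period. I would write these as plain text (`the usermanagement path`, `which is none by default`). The `credits` entry uses `"lang": "en"` while `description` and `problemtype` in the same record use `"eng"`; one language code should be used throughout. The problemtype `"Security Misconfiguration"` is also broad for a flaw described as authenticating as the crowd application, so a CWE identifier for improper authentication would help triage if the assigner agrees with that mapping.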