diff --git a/2019/11xxx/CVE-2019-11345.json b/2019/11xxx/CVE-2019-11345.json index 6c9be22b150..5bf8da41e2e 100644 --- a/2019/11xxx/CVE-2019-11345.json +++ b/2019/11xxx/CVE-2019-11345.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-11345", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-11345", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.citrix.com/article/CTX247737", + "url": "https://support.citrix.com/article/CTX247737" } ] } diff --git a/2019/12xxx/CVE-2019-12428.json b/2019/12xxx/CVE-2019-12428.json index 751684ea878..32ed8e99334 100644 --- a/2019/12xxx/CVE-2019-12428.json +++ b/2019/12xxx/CVE-2019-12428.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12428", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12428", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition 6.8 through 11.11. It has Improper Authorization." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/", + "url": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/" } ] } diff --git a/2019/12xxx/CVE-2019-12429.json b/2019/12xxx/CVE-2019-12429.json index 9c27457ef19..71801f23f18 100644 --- a/2019/12xxx/CVE-2019-12429.json +++ b/2019/12xxx/CVE-2019-12429.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12429", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12429", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition 11.9 through 11.11. It has Improper Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/", + "url": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/" } ] } diff --git a/2019/12xxx/CVE-2019-12430.json b/2019/12xxx/CVE-2019-12430.json index 73f218c1c8e..142476ae4ef 100644 --- a/2019/12xxx/CVE-2019-12430.json +++ b/2019/12xxx/CVE-2019-12430.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12430", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12430", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition 11.11. It allows Command Injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/", + "url": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/" } ] } diff --git a/2019/12xxx/CVE-2019-12431.json b/2019/12xxx/CVE-2019-12431.json index a20bf7d0c7f..2a8f60d4214 100644 --- a/2019/12xxx/CVE-2019-12431.json +++ b/2019/12xxx/CVE-2019-12431.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12431", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12431", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition 8.13 through 11.11. It has Improper Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/", + "url": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/" } ] } diff --git a/2019/12xxx/CVE-2019-12432.json b/2019/12xxx/CVE-2019-12432.json index 5eac734a6bc..30fb67b115b 100644 --- a/2019/12xxx/CVE-2019-12432.json +++ b/2019/12xxx/CVE-2019-12432.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12432", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12432", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition 8.13 through 11.11. It allows Information Disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/", + "url": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/" } ] } diff --git a/2019/12xxx/CVE-2019-12433.json b/2019/12xxx/CVE-2019-12433.json index 6f315e1a2a8..0f2dbd32b63 100644 --- a/2019/12xxx/CVE-2019-12433.json +++ b/2019/12xxx/CVE-2019-12433.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12433", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12433", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition 11.7 through 11.11. It has Improper Input Validation. Restricted visibility settings allow creating internal projects in private groups, leading to multiple permission issues." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/", + "url": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/" } ] } diff --git a/2019/12xxx/CVE-2019-12434.json b/2019/12xxx/CVE-2019-12434.json index 2f46f1283c7..2a82969d5dd 100644 --- a/2019/12xxx/CVE-2019-12434.json +++ b/2019/12xxx/CVE-2019-12434.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12434", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12434", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition 10.6 through 11.11. Users could guess the URL slug of private projects through the contrast of the destination URLs of issues linked in comments. It allows Information Disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/", + "url": "https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/" } ] } diff --git a/2019/20xxx/CVE-2019-20509.json b/2019/20xxx/CVE-2019-20509.json new file mode 100644 index 00000000000..ead4f040448 --- /dev/null +++ b/2019/20xxx/CVE-2019-20509.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-20509", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "archive_read_support_format_lha.c in libarchive before 3.4.1 does not ensure valid sizes for UTF-16 input, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted LHA archive." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/libarchive/libarchive/commit/91cf9372e89f7af4582964b15ceb7fc6d1b37471", + "refsource": "MISC", + "name": "https://github.com/libarchive/libarchive/commit/91cf9372e89f7af4582964b15ceb7fc6d1b37471" + }, + { + "url": "https://github.com/libarchive/libarchive/issues/1284", + "refsource": "MISC", + "name": "https://github.com/libarchive/libarchive/issues/1284" + }, + { + "url": "https://github.com/libarchive/libarchive/compare/v3.4.0...v3.4.1", + "refsource": "MISC", + "name": "https://github.com/libarchive/libarchive/compare/v3.4.0...v3.4.1" + } + ] + } +} \ No newline at end of file diff --git a/2020/10xxx/CVE-2020-10364.json b/2020/10xxx/CVE-2020-10364.json new file mode 100644 index 00000000000..b2ea9f582e1 --- /dev/null +++ b/2020/10xxx/CVE-2020-10364.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-10364", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file