diff --git a/2017/18xxx/CVE-2017-18640.json b/2017/18xxx/CVE-2017-18640.json index dc4400a6f7a..643f084d53b 100644 --- a/2017/18xxx/CVE-2017-18640.json +++ b/2017/18xxx/CVE-2017-18640.json @@ -271,6 +271,21 @@ "refsource": "MLIST", "name": "[hadoop-common-issues] 20201028 [jira] [Commented] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640", "url": "https://lists.apache.org/thread.html/r4d7f37da1bc2df90a5a0f56eb7629b5ea131bfe11eeeb4b4c193f64a@%3Ccommon-issues.hadoop.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[hadoop-common-issues] 20201028 [jira] [Updated] (HADOOP-17236) Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640", + "url": "https://lists.apache.org/thread.html/r22ac2aa053b7d9c6b75a49db78125c9316499668d0f4a044f3402e2f@%3Ccommon-issues.hadoop.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[hadoop-common-commits] 20201028 [hadoop] branch trunk updated: HADOOP-17236. Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640. Contributed by Brahma Reddy Battula.", + "url": "https://lists.apache.org/thread.html/r1aab47b48a757c70e40fc0bcb1fcf1a3951afa6a17aee7cd66cf79f8@%3Ccommon-commits.hadoop.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[hadoop-common-commits] 20201028 [hadoop] branch branch-3.3 updated: HADOOP-17236. Bump up snakeyaml to 1.26 to mitigate CVE-2017-18640. Contributed by Brahma Reddy Battula.", + "url": "https://lists.apache.org/thread.html/rcb2a7037366c58bac6aec6ce3df843a11ef97ae4eb049f05f410eaa5@%3Ccommon-commits.hadoop.apache.org%3E" } ] } diff --git a/2020/16xxx/CVE-2020-16256.json b/2020/16xxx/CVE-2020-16256.json index f4e2078eb82..3033ab8303c 100644 --- a/2020/16xxx/CVE-2020-16256.json +++ b/2020/16xxx/CVE-2020-16256.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-16256", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-16256", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The API on Winston 1.5.4 devices is vulnerable to CSRF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://winstonprivacy.com/", + "refsource": "MISC", + "name": "https://winstonprivacy.com/" + }, + { + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4", + "url": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4" } ] } diff --git a/2020/16xxx/CVE-2020-16258.json b/2020/16xxx/CVE-2020-16258.json index e1996ad84fe..01e0e11e3e3 100644 --- a/2020/16xxx/CVE-2020-16258.json +++ b/2020/16xxx/CVE-2020-16258.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-16258", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-16258", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process) which is configured with default credentials." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://winstonprivacy.com/", + "refsource": "MISC", + "name": "https://winstonprivacy.com/" + }, + { + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4", + "url": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4" } ] } diff --git a/2020/16xxx/CVE-2020-16259.json b/2020/16xxx/CVE-2020-16259.json index 9294cad45bb..2a0ce19407b 100644 --- a/2020/16xxx/CVE-2020-16259.json +++ b/2020/16xxx/CVE-2020-16259.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-16259", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-16259", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is undocumented in device documents and is not announced to the user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://winstonprivacy.com/", + "refsource": "MISC", + "name": "https://winstonprivacy.com/" + }, + { + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4", + "url": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4" } ] } diff --git a/2020/16xxx/CVE-2020-16260.json b/2020/16xxx/CVE-2020-16260.json index 4c59c1fc172..c9dc79bd2f1 100644 --- a/2020/16xxx/CVE-2020-16260.json +++ b/2020/16xxx/CVE-2020-16260.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-16260", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-16260", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and can be combined with other vulnerabilities for remote exploitation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://winstonprivacy.com/", + "refsource": "MISC", + "name": "https://winstonprivacy.com/" + }, + { + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4", + "url": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4" } ] } diff --git a/2020/16xxx/CVE-2020-16261.json b/2020/16xxx/CVE-2020-16261.json index 3c3539c4656..2127dd26599 100644 --- a/2020/16xxx/CVE-2020-16261.json +++ b/2020/16xxx/CVE-2020-16261.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-16261", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-16261", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Winston 1.5.4 devices allow a U-Boot interrupt, resulting in local root access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://winstonprivacy.com/", + "refsource": "MISC", + "name": "https://winstonprivacy.com/" + }, + { + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4", + "url": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4" } ] } diff --git a/2020/16xxx/CVE-2020-16262.json b/2020/16xxx/CVE-2020-16262.json index 8218b3b414f..d5e41508947 100644 --- a/2020/16xxx/CVE-2020-16262.json +++ b/2020/16xxx/CVE-2020-16262.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-16262", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-16262", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root privilege escalation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://winstonprivacy.com/", + "refsource": "MISC", + "name": "https://winstonprivacy.com/" + }, + { + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4", + "url": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4" } ] } diff --git a/2020/16xxx/CVE-2020-16263.json b/2020/16xxx/CVE-2020-16263.json index c5f689c6b1e..1fe533fd7f4 100644 --- a/2020/16xxx/CVE-2020-16263.json +++ b/2020/16xxx/CVE-2020-16263.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-16263", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-16263", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Winston 1.5.4 devices have a CORS configuration that trusts arbitrary origins. This allows requests to be made and viewed by arbitrary origins." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://winstonprivacy.com/", + "refsource": "MISC", + "name": "https://winstonprivacy.com/" + }, + { + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4", + "url": "https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4" } ] } diff --git a/2020/25xxx/CVE-2020-25966.json b/2020/25xxx/CVE-2020-25966.json index 6ab5bd02f54..49869a32c10 100644 --- a/2020/25xxx/CVE-2020-25966.json +++ b/2020/25xxx/CVE-2020-25966.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-25966", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-25966", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sectona.com/products/spectra-privileged-access-management/", + "refsource": "MISC", + "name": "https://sectona.com/products/spectra-privileged-access-management/" + }, + { + "url": "https://gitlab.com/Gazzaz/Spectra_API_Issue/", + "refsource": "MISC", + "name": "https://gitlab.com/Gazzaz/Spectra_API_Issue/" } ] } diff --git a/2020/26xxx/CVE-2020-26130.json b/2020/26xxx/CVE-2020-26130.json index d85ef2b4807..bc75d725b35 100644 --- a/2020/26xxx/CVE-2020-26130.json +++ b/2020/26xxx/CVE-2020-26130.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-26130", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-26130", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe binary." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/projects/tftp-server/", + "refsource": "MISC", + "name": "https://sourceforge.net/projects/tftp-server/" + }, + { + "refsource": "MISC", + "name": "https://github.com/an0ry/advisories", + "url": "https://github.com/an0ry/advisories" } ] } diff --git a/2020/26xxx/CVE-2020-26131.json b/2020/26xxx/CVE-2020-26131.json index 1551f9c8ec8..722295c0367 100644 --- a/2020/26xxx/CVE-2020-26131.json +++ b/2020/26xxx/CVE-2020-26131.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-26131", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-26131", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the OpenDHCPLdap.exe (LDAP Based) binary." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/projects/dhcpserver/", + "refsource": "MISC", + "name": "https://sourceforge.net/projects/dhcpserver/" + }, + { + "refsource": "MISC", + "name": "https://github.com/an0ry/advisories", + "url": "https://github.com/an0ry/advisories" } ] } diff --git a/2020/26xxx/CVE-2020-26132.json b/2020/26xxx/CVE-2020-26132.json index 88f1f282cd7..edd0f340b9a 100644 --- a/2020/26xxx/CVE-2020-26132.json +++ b/2020/26xxx/CVE-2020-26132.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-26132", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-26132", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/projects/dnsserver/", + "refsource": "MISC", + "name": "https://sourceforge.net/projects/dnsserver/" + }, + { + "refsource": "MISC", + "name": "https://github.com/an0ry/advisories", + "url": "https://github.com/an0ry/advisories" } ] } diff --git a/2020/26xxx/CVE-2020-26133.json b/2020/26xxx/CVE-2020-26133.json index 7350941446f..aaf4437aa08 100644 --- a/2020/26xxx/CVE-2020-26133.json +++ b/2020/26xxx/CVE-2020-26133.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-26133", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-26133", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/projects/dhcp-dns-server/", + "refsource": "MISC", + "name": "https://sourceforge.net/projects/dhcp-dns-server/" + }, + { + "refsource": "MISC", + "name": "https://github.com/an0ry/advisories", + "url": "https://github.com/an0ry/advisories" } ] } diff --git a/2020/5xxx/CVE-2020-5421.json b/2020/5xxx/CVE-2020-5421.json index a131ce8b009..bcf856eb240 100644 --- a/2020/5xxx/CVE-2020-5421.json +++ b/2020/5xxx/CVE-2020-5421.json @@ -138,6 +138,11 @@ "refsource": "MLIST", "name": "[pulsar-commits] 20201026 [GitHub] [pulsar] wolfstudy commented on pull request #8355: [Issue 8354][pulsar-io] Upgrade spring framework version to patch CVE-2020-5421", "url": "https://lists.apache.org/thread.html/r3589ed0d18edeb79028615080d5a0e8878856436bb91774a3196d9eb@%3Ccommits.pulsar.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[pulsar-commits] 20201028 [GitHub] [pulsar] merlimat merged pull request #8355: [Issue 8354][pulsar-io] Upgrade spring framework version to patch CVE-2020-5421", + "url": "https://lists.apache.org/thread.html/rb18ed999153ef0f0cb7af03efe0046c42c7242fd77fbd884a75ecfdc@%3Ccommits.pulsar.apache.org%3E" } ] },