Auto-merge PR#3257

2025-05-07 19:17:10 +00:00 · 2020-05-04 12:45:15 -04:00 · 2020-05-04 12:45:15 -04:00 · 300dfd54d8
commit 300dfd54d8
parent c175a53876 2b94d6bae8
1 changed files with 62 additions and 4 deletions
--- a/2020/1xxx/CVE-2020-1732.json
+++ b/2020/1xxx/CVE-2020-1732.json
@ -4,15 +4,73 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2020-1732",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "psampaio@redhat.com"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Soteria",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "before 1.0.1"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-284"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+             {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1732",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1732",
+                "refsource": "CONFIRM"
+            },
+            {
+                "url": "https://github.com/wildfly-security/soteria/commit/c2479f8c39d7d661341fdcaff7f5e97c5eea1a54",
+                "name": "https://github.com/wildfly-security/soteria/commit/c2479f8c39d7d661341fdcaff7f5e97c5eea1a54",
+                "refsource": "CONFIRM"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request."
            }
        ]
+    },
+    "impact": {
+        "cvss": [
+            [
+                {
+                    "vectorString": "4.2/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
+                    "version": "3.0"
+                }
+            ]
+        ]
    }
-}
+}