admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-10-25 17:38:13 +00:00
parent 3c8feab7c3
commit 30dc37e7e6
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
93 changed files with 3028 additions and 2598 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
2019/10xxx/CVE-2019-10364.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10364",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Amazon EC2 Plugin",
"version": {
"version_data": [
{
"version_value": "1.43 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-532"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Amazon EC2 Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.43 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190731 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-673",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-673"
}
]

63
2019/10xxx/CVE-2019-10365.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10365",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Google Kubernetes Engine Plugin",
"version": {
"version_data": [
{
"version_value": "0.6.2 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-377"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Google Kubernetes Engine Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.6.2 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190731 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1345",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1345"
}
]

67
2019/10xxx/CVE-2019-10366.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10366",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Skytap Cloud CI Plugin",
"version": {
"version_data": [
{
"version_value": "2.06 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Skytap Cloud CI Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.06 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190731 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
"url": "http://www.openwall.com/lists/oss-security/2019/07/31/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/07/31/1"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-833/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-833/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-833/"
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-833/"
},
{
"url": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1429",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1429"
}
]

63
2019/10xxx/CVE-2019-10367.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10367",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Configuration as Code Plugin",
"version": {
"version_data": [
{
"version_value": "1.26 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-532"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Configuration as Code Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.26 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1497",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1497"
}
]

81
2019/10xxx/CVE-2019-10368.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10368",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins JClouds Plugin",
"version": {
"version_data": [
{
"version_value": "2.14 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,38 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-352"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins JClouds Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.14 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1482",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1482"
},
{
"refsource": "MLIST",
"name": "[jclouds-notifications] 20200106 [jira] [Created] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)",
"url": "https://lists.apache.org/thread.html/r42b7ff290ed5ec8f27f12c54fff54462ffc4bcf6a5015c37fece94ac@%3Cnotifications.jclouds.apache.org%3E"
"url": "https://lists.apache.org/thread.html/r42b7ff290ed5ec8f27f12c54fff54462ffc4bcf6a5015c37fece94ac%40%3Cnotifications.jclouds.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r42b7ff290ed5ec8f27f12c54fff54462ffc4bcf6a5015c37fece94ac%40%3Cnotifications.jclouds.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[jclouds-notifications] 20200107 [jira] [Resolved] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)",
"url": "https://lists.apache.org/thread.html/r6c4693d03d15391814c647742db49a4d9937fa34573fb66103d57b45@%3Cnotifications.jclouds.apache.org%3E"
"url": "https://lists.apache.org/thread.html/r6c4693d03d15391814c647742db49a4d9937fa34573fb66103d57b45%40%3Cnotifications.jclouds.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r6c4693d03d15391814c647742db49a4d9937fa34573fb66103d57b45%40%3Cnotifications.jclouds.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[jclouds-notifications] 20200107 [jira] [Commented] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)",
"url": "https://lists.apache.org/thread.html/r725e55670dbdd214f3cfdfea255b72a75fa9a4f0c6c9d109b29c7881@%3Cnotifications.jclouds.apache.org%3E"
"url": "https://lists.apache.org/thread.html/r725e55670dbdd214f3cfdfea255b72a75fa9a4f0c6c9d109b29c7881%40%3Cnotifications.jclouds.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r725e55670dbdd214f3cfdfea255b72a75fa9a4f0c6c9d109b29c7881%40%3Cnotifications.jclouds.apache.org%3E"
}
]
}

81
2019/10xxx/CVE-2019-10369.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10369",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins JClouds Plugin",
"version": {
"version_data": [
{
"version_value": "2.14 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,38 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-285"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins JClouds Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.14 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1482",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1482"
},
{
"refsource": "MLIST",
"name": "[jclouds-notifications] 20200106 [jira] [Created] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)",
"url": "https://lists.apache.org/thread.html/r42b7ff290ed5ec8f27f12c54fff54462ffc4bcf6a5015c37fece94ac@%3Cnotifications.jclouds.apache.org%3E"
"url": "https://lists.apache.org/thread.html/r42b7ff290ed5ec8f27f12c54fff54462ffc4bcf6a5015c37fece94ac%40%3Cnotifications.jclouds.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r42b7ff290ed5ec8f27f12c54fff54462ffc4bcf6a5015c37fece94ac%40%3Cnotifications.jclouds.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[jclouds-notifications] 20200107 [jira] [Resolved] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)",
"url": "https://lists.apache.org/thread.html/r6c4693d03d15391814c647742db49a4d9937fa34573fb66103d57b45@%3Cnotifications.jclouds.apache.org%3E"
"url": "https://lists.apache.org/thread.html/r6c4693d03d15391814c647742db49a4d9937fa34573fb66103d57b45%40%3Cnotifications.jclouds.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r6c4693d03d15391814c647742db49a4d9937fa34573fb66103d57b45%40%3Cnotifications.jclouds.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[jclouds-notifications] 20200107 [jira] [Commented] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)",
"url": "https://lists.apache.org/thread.html/r725e55670dbdd214f3cfdfea255b72a75fa9a4f0c6c9d109b29c7881@%3Cnotifications.jclouds.apache.org%3E"
"url": "https://lists.apache.org/thread.html/r725e55670dbdd214f3cfdfea255b72a75fa9a4f0c6c9d109b29c7881%40%3Cnotifications.jclouds.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r725e55670dbdd214f3cfdfea255b72a75fa9a4f0c6c9d109b29c7881%40%3Cnotifications.jclouds.apache.org%3E"
}
]
}

63
2019/10xxx/CVE-2019-10370.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10370",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Mask Passwords Plugin",
"version": {
"version_data": [
{
"version_value": "2.12.0 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-319"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Mask Passwords Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.12.0 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-157",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-157"
}
]

63
2019/10xxx/CVE-2019-10371.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10371",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Gitlab Authentication Plugin",
"version": {
"version_data": [
{
"version_value": "1.4 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-384"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Gitlab Authentication Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.4 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-795",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-795"
}
]

63
2019/10xxx/CVE-2019-10372.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10372",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Gitlab Authentication Plugin",
"version": {
"version_data": [
{
"version_value": "1.4 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-601"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Gitlab Authentication Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.4 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-796",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-796"
}
]

63
2019/10xxx/CVE-2019-10373.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10373",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Build Pipeline Plugin",
"version": {
"version_data": [
{
"version_value": "1.5.8 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-79"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Build Pipeline Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.5.8 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-879",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-879"
}
]

63
2019/10xxx/CVE-2019-10374.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10374",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins PegDown Formatter Plugin",
"version": {
"version_data": [
{
"version_value": "1.3 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-79"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins PegDown Formatter Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.3 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-142",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-142"
}
]

63
2019/10xxx/CVE-2019-10375.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10375",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins File System SCM Plugin",
"version": {
"version_data": [
{
"version_value": "2.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-22"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins File System SCM Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-569",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-569"
}
]

63
2019/10xxx/CVE-2019-10376.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10376",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Wall Display Plugin",
"version": {
"version_data": [
{
"version_value": "0.6.34 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-79"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Wall Display Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.6.34 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-751",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-751"
}
]

63
2019/10xxx/CVE-2019-10377.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10377",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Avatar Plugin",
"version": {
"version_data": [
{
"version_value": "1.2 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-285"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Avatar Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.2 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1099",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1099"
}
]

67
2019/10xxx/CVE-2019-10378.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10378",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins TestLink Plugin",
"version": {
"version_data": [
{
"version_value": "3.16 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins TestLink Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.16 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
"url": "http://www.openwall.com/lists/oss-security/2019/08/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/08/07/1"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-839/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-839/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-839/"
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-839/"
},
{
"url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1428",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1428"
}
]

93
2020/2xxx/CVE-2020-2307.json
View File

@ -1,48 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2307",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Kubernetes Plugin",
"version": {
"version_data": [
{
"version_value": "1.27.3",
"version_affected": "<="
},
{
"version_value": "1.26.5",
"version_affected": "!"
},
{
"version_value": "1.25.4.1",
"version_affected": "!"
},
{
"version_value": "1.21.6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -57,18 +21,63 @@
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Kubernetes Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.27.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.26.5"
},
{
"status": "unaffected",
"version": "1.25.4.1"
},
{
"status": "unaffected",
"version": "1.21.6"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1646",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1646",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1646"
}
]
}

103
2020/2xxx/CVE-2020-2308.json
View File

@ -1,52 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2308",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Kubernetes Plugin",
"version": {
"version_data": [
{
"version_value": "1.27.1",
"version_affected": ">="
},
{
"version_value": "1.27.3",
"version_affected": "<="
},
{
"version_value": "1.26.5",
"version_affected": "!"
},
{
"version_value": "1.25.4.1",
"version_affected": "!"
},
{
"version_value": "1.21.6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -61,18 +21,69 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Kubernetes Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "1.27.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.27.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.26.5"
},
{
"status": "unaffected",
"version": "1.25.4.1"
},
{
"status": "unaffected",
"version": "1.21.6"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2102",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2102",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2102"
}
]
}

93
2020/2xxx/CVE-2020-2309.json
View File

@ -1,48 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2309",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Kubernetes Plugin",
"version": {
"version_data": [
{
"version_value": "1.27.3",
"version_affected": "<="
},
{
"version_value": "1.26.5",
"version_affected": "!"
},
{
"version_value": "1.25.4.1",
"version_affected": "!"
},
{
"version_value": "1.21.6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -57,18 +21,63 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Kubernetes Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.27.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.26.5"
},
{
"status": "unaffected",
"version": "1.25.4.1"
},
{
"status": "unaffected",
"version": "1.21.6"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2103",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2103",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2103"
}
]
}

61
2020/2xxx/CVE-2020-2310.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2310",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Ansible Plugin",
"version": {
"version_data": [
{
"version_value": "1.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Ansible Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1943",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1943",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1943"
}
]
}

77
2020/2xxx/CVE-2020-2311.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2311",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins AWS Global Configuration Plugin",
"version": {
"version_data": [
{
"version_value": "1.5",
"version_affected": "<="
},
{
"version_value": "1.3.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,55 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins AWS Global Configuration Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.3.1"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2101",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2101",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2101"
}
]
}

61
2020/2xxx/CVE-2020-2312.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2312",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins SQLPlus Script Runner Plugin",
"version": {
"version_data": [
{
"version_value": "2.0.12",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-522: Insufficiently Protected Credentials"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins SQLPlus Script Runner Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.0.12"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2129",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2129",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2129"
}
]
}

61
2020/2xxx/CVE-2020-2313.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2313",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Azure Key Vault Plugin",
"version": {
"version_data": [
{
"version_value": "2.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Azure Key Vault Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2110",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2110",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2110"
}
]
}

61
2020/2xxx/CVE-2020-2314.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2314",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins AppSpider Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.12",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-256: Unprotected Storage of Credentials"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins AppSpider Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.0.12"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2058",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2058",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2058"
}
]
}

61
2020/2xxx/CVE-2020-2315.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2315",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Visualworks Store Plugin",
"version": {
"version_data": [
{
"version_value": "1.1.3",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-611: Improper Restriction of XML External Entity Reference"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Visualworks Store Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.1.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1900",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1900",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1900"
}
]
}

79
2020/2xxx/CVE-2020-2316.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2316",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Static Analysis Utilities Plugin",
"version": {
"version_data": [
{
"version_value": "1.96",
"version_affected": "<="
},
{
"version_value": "1.96",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Static Analysis Utilities Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.96",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.96",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1907",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1907",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1907"
}
]
}

79
2020/2xxx/CVE-2020-2317.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2317",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins FindBugs Plugin",
"version": {
"version_data": [
{
"version_value": "5.0.0",
"version_affected": "<="
},
{
"version_value": "5.0.0",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins FindBugs Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "5.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 5.0.0",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1918",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1918",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-1918"
}
]
}

79
2020/2xxx/CVE-2020-2318.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2318",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Mail Commander Plugin for Jenkins-ci Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.0",
"version_affected": "<="
},
{
"version_value": "1.0.0",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-256: Unprotected Storage of Credentials"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Mail Commander Plugin for Jenkins-ci Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.0.0",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2085",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2085",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2085"
}
]
}

79
2020/2xxx/CVE-2020-2319.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2319",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins VMware Lab Manager Slaves Plugin",
"version": {
"version_data": [
{
"version_value": "0.2.8",
"version_affected": "<="
},
{
"version_value": "0.2.8",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-256: Unprotected Storage of Credentials"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins VMware Lab Manager Slaves Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "0.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0.2.8",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2084",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2084",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2084"
}
]
}

67
2020/2xxx/CVE-2020-2320.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2320",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Plugin Installation Manager Tool",
"version": {
"version_data": [
{
"version_value": "2.1.3",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-494: Download of Code Without Integrity Check"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Plugin Installation Manager Tool",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.1.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-12-03/#SECURITY-1856",
"url": "https://www.jenkins.io/security/advisory/2020-12-03/#SECURITY-1856",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-12-03/#SECURITY-1856"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201203 Multiple vulnerabilities in Jenkins",
"url": "http://www.openwall.com/lists/oss-security/2020/12/03/2"
"url": "http://www.openwall.com/lists/oss-security/2020/12/03/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/12/03/2"
}
]
}

67
2020/2xxx/CVE-2020-2321.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2321",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Shelve Project Plugin",
"version": {
"version_data": [
{
"version_value": "3.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Shelve Project Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-12-03/#SECURITY-2108",
"url": "https://www.jenkins.io/security/advisory/2020-12-03/#SECURITY-2108",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-12-03/#SECURITY-2108"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201203 Multiple vulnerabilities in Jenkins",
"url": "http://www.openwall.com/lists/oss-security/2020/12/03/2"
"url": "http://www.openwall.com/lists/oss-security/2020/12/03/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/12/03/2"
}
]
}

65
2021/21xxx/CVE-2021-21690.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21690",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.318",
"version_affected": "<="
},
{
"version_value": "LTS 2.303.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-693: Protection Mechanism Failure"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.318"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455"
}
]
}

65
2021/21xxx/CVE-2021-21691.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21691",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.318",
"version_affected": "<="
},
{
"version_value": "LTS 2.303.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.318"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455"
}
]
}

65
2021/21xxx/CVE-2021-21692.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21692",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.318",
"version_affected": "<="
},
{
"version_value": "LTS 2.303.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.318"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455"
}
]
}

67
2021/21xxx/CVE-2021-21693.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21693",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.318",
"version_affected": "<="
},
{
"version_value": "LTS 2.303.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,19 +21,44 @@
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.318"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455"
}
]
}
}
}

65
2021/21xxx/CVE-2021-21694.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21694",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.318",
"version_affected": "<="
},
{
"version_value": "LTS 2.303.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.318"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455"
}
]
}

71
2021/21xxx/CVE-2021-21695.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21695",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.318",
"version_affected": "<="
},
{
"version_value": "LTS 2.303.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.318"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2455"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
"url": "http://www.openwall.com/lists/oss-security/2021/11/04/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
}
]
}

71
2021/21xxx/CVE-2021-21696.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21696",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.318",
"version_affected": "<="
},
{
"version_value": "LTS 2.303.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-693: Protection Mechanism Failure"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.318"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2423",
"url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2423",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2423"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
"url": "http://www.openwall.com/lists/oss-security/2021/11/04/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
}
]
}

71
2021/21xxx/CVE-2021-21697.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21697",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.318",
"version_affected": "<="
},
{
"version_value": "LTS 2.303.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-184: Incomplete List of Disallowed Inputs"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.318"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2428",
"url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2428",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2428"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
"url": "http://www.openwall.com/lists/oss-security/2021/11/04/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
}
]
}

67
2021/21xxx/CVE-2021-21698.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21698",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Subversion Plugin",
"version": {
"version_data": [
{
"version_value": "2.15.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Subversion Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.15.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2506",
"url": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2506",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2506"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211104 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
"url": "http://www.openwall.com/lists/oss-security/2021/11/04/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/11/04/3"
}
]
}

67
2021/21xxx/CVE-2021-21699.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21699",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Active Choices Plugin",
"version": {
"version_data": [
{
"version_value": "2.5.6",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Active Choices Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.5.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2219",
"url": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2219",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2219"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211112 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/11/12/1"
"url": "http://www.openwall.com/lists/oss-security/2021/11/12/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/11/12/1"
}
]
}

67
2021/21xxx/CVE-2021-21700.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21700",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Scriptler Plugin",
"version": {
"version_data": [
{
"version_value": "3.3",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Scriptler Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2406",
"url": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2406",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2406"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211112 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/11/12/1"
"url": "http://www.openwall.com/lists/oss-security/2021/11/12/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/11/12/1"
}
]
}

97
2021/21xxx/CVE-2021-21701.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21701",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Performance Plugin",
"version": {
"version_data": [
{
"version_value": "3.20",
"version_affected": "<="
},
{
"version_value": "3.20",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,28 +21,67 @@
"description": [
{
"lang": "eng",
"value": "CWE-611: Improper Restriction of XML External Entity Reference"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Performance Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "3.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 3.20",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2394",
"url": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2394",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211112 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/11/12/1"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1313/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1313/"
"name": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2394"
},
{
"url": "http://www.openwall.com/lists/oss-security/2021/11/12/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/11/12/1"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1313/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1313/"
}
]
}

97
2021/43xxx/CVE-2021-43576.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-43576",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins pom2config Plugin",
"version": {
"version_data": [
{
"version_value": "1.2",
"version_affected": "<="
},
{
"version_value": "1.2",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,28 +21,67 @@
"description": [
{
"lang": "eng",
"value": "CWE-611: Improper Restriction of XML External Entity Reference"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins pom2config Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.2",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2415",
"url": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2415",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211112 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/11/12/1"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1314/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1314/"
"name": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2415"
},
{
"url": "http://www.openwall.com/lists/oss-security/2021/11/12/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/11/12/1"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1314/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1314/"
}
]
}

85
2021/43xxx/CVE-2021-43577.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-43577",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins OWASP Dependency-Check Plugin",
"version": {
"version_data": [
{
"version_value": "5.1.1",
"version_affected": "<="
},
{
"version_value": "5.1.1",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-611: Improper Restriction of XML External Entity Reference"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins OWASP Dependency-Check Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "5.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 5.1.1",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2488",
"url": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2488",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2488"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211112 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/11/12/1"
"url": "http://www.openwall.com/lists/oss-security/2021/11/12/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/11/12/1"
}
]
}

99
2022/20xxx/CVE-2022-20618.json
View File

@ -1,48 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-20618",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Bitbucket Branch Source Plugin",
"version": {
"version_data": [
{
"version_value": "737.vdf9dc06105be",
"version_affected": "<="
},
{
"version_value": "725.vd9f8be0fa250",
"version_affected": "!"
},
{
"version_value": "2.9.11.2",
"version_affected": "!"
},
{
"version_value": "2.9.7.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -57,23 +21,68 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Bitbucket Branch Source Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "737.vdf9dc06105be",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "725.vd9f8be0fa250"
},
{
"status": "unaffected",
"version": "2.9.11.2"
},
{
"status": "unaffected",
"version": "2.9.7.2"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2033",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2033",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2033"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

99
2022/20xxx/CVE-2022-20619.json
View File

@ -1,48 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-20619",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Bitbucket Branch Source Plugin",
"version": {
"version_data": [
{
"version_value": "737.vdf9dc06105be",
"version_affected": "<="
},
{
"version_value": "725.vd9f8be0fa250",
"version_affected": "!"
},
{
"version_value": "2.9.11.2",
"version_affected": "!"
},
{
"version_value": "2.9.7.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -57,23 +21,68 @@
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Bitbucket Branch Source Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "737.vdf9dc06105be",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "725.vd9f8be0fa250"
},
{
"status": "unaffected",
"version": "2.9.11.2"
},
{
"status": "unaffected",
"version": "2.9.7.2"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2467",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2467",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2467"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

83
2022/20xxx/CVE-2022-20620.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-20620",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins SSH Agent Plugin",
"version": {
"version_data": [
{
"version_value": "1.23",
"version_affected": "<="
},
{
"version_value": "1.22.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,60 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins SSH Agent Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.23",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.22.1"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2189",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2189",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2189"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

83
2022/20xxx/CVE-2022-20621.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-20621",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Metrics Plugin",
"version": {
"version_data": [
{
"version_value": "4.0.2.8",
"version_affected": "<="
},
{
"version_value": "4.0.2.7.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,60 @@
"description": [
{
"lang": "eng",
"value": "CWE-256: Plaintext Storage of a Password"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Metrics Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "4.0.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.0.2.7.1"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-1624",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-1624",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-1624"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

91
2022/23xxx/CVE-2022-23105.json
View File

@ -1,44 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-23105",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Active Directory Plugin",
"version": {
"version_data": [
{
"version_value": "2.25",
"version_affected": "<="
},
{
"version_value": "2.23.1",
"version_affected": "!"
},
{
"version_value": "2.24.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -53,23 +21,64 @@
"description": [
{
"lang": "eng",
"value": "CWE-319: Cleartext Transmission of Sensitive Information"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Active Directory Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "2.25",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.23.1"
},
{
"status": "unaffected",
"version": "2.24.1"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-1389",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-1389",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-1389"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

99
2022/23xxx/CVE-2022-23106.json
View File

@ -1,48 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-23106",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Configuration as Code Plugin",
"version": {
"version_data": [
{
"version_value": "1.47.1",
"version_affected": "!"
},
{
"version_value": "1.53.1",
"version_affected": "!"
},
{
"version_value": "1.54.1",
"version_affected": "!"
},
{
"version_value": "1.55",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -57,23 +21,68 @@
"description": [
{
"lang": "eng",
"value": "CWE-208: Observable Timing Discrepancy"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Configuration as Code Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "1.47.1"
},
{
"status": "unaffected",
"version": "1.53.1"
},
{
"status": "unaffected",
"version": "1.54.1"
},
{
"lessThanOrEqual": "1.55",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2141",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2141",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2141"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

99
2022/23xxx/CVE-2022-23107.json
View File

@ -1,48 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-23107",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Warnings Next Generation Plugin",
"version": {
"version_data": [
{
"version_value": "9.10.2",
"version_affected": "<="
},
{
"version_value": "9.0.2",
"version_affected": "!"
},
{
"version_value": "9.5.2",
"version_affected": "!"
},
{
"version_value": "9.7.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -57,23 +21,68 @@
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Warnings Next Generation Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "9.10.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.0.2"
},
{
"status": "unaffected",
"version": "9.5.2"
},
{
"status": "unaffected",
"version": "9.7.1"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2090",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2090",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2090"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

67
2022/23xxx/CVE-2022-23108.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-23108",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Badge Plugin",
"version": {
"version_data": [
{
"version_value": "1.9",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Badge Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2547",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2547",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2547"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

67
2022/23xxx/CVE-2022-23109.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-23109",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins HashiCorp Vault Plugin",
"version": {
"version_data": [
{
"version_value": "3.7.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-668: Exposure of Resource to Wrong Sphere"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins HashiCorp Vault Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.7.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2213",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2213",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2213"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

85
2022/23xxx/CVE-2022-23110.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-23110",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Publish Over SSH Plugin",
"version": {
"version_data": [
{
"version_value": "1.22",
"version_affected": "<="
},
{
"version_value": "1.22",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Publish Over SSH Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.22",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2287",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2287",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2287"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

85
2022/23xxx/CVE-2022-23111.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-23111",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Publish Over SSH Plugin",
"version": {
"version_data": [
{
"version_value": "1.22",
"version_affected": "<="
},
{
"version_value": "1.22",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Publish Over SSH Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.22",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2290",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2290",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2290"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

85
2022/23xxx/CVE-2022-23112.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-23112",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Publish Over SSH Plugin",
"version": {
"version_data": [
{
"version_value": "1.22",
"version_affected": "<="
},
{
"version_value": "1.22",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Publish Over SSH Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.22",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2290",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2290",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2290"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

85
2022/23xxx/CVE-2022-23113.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-23113",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Publish Over SSH Plugin",
"version": {
"version_data": [
{
"version_value": "1.22",
"version_affected": "<="
},
{
"version_value": "1.22",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Publish Over SSH Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.22",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2307",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2307",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2307"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

85
2022/23xxx/CVE-2022-23114.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-23114",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Publish Over SSH Plugin",
"version": {
"version_data": [
{
"version_value": "1.22",
"version_affected": "<="
},
{
"version_value": "1.22",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-256: Plaintext Storage of a Password"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Publish Over SSH Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.22",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2291",
"url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2291",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2291"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220112 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/01/12/6"
}
]
}

85
2022/36xxx/CVE-2022-36894.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36894",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins CLIF Performance Testing Plugin",
"version": {
"version_data": [
{
"version_value": "64.vc0d66de1dfb_f",
"version_affected": "<="
},
{
"version_value": "64.vc0d66de1dfb_f",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins CLIF Performance Testing Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "64.vc0d66de1dfb_f",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 64.vc0d66de1dfb_f",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2413",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2413",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2413"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

67
2022/36xxx/CVE-2022-36895.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36895",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware Topaz Utilities Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.8",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware Topaz Utilities Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.0.8"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2619",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2619",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2619"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

67
2022/36xxx/CVE-2022-36896.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36896",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin",
"version": {
"version_data": [
{
"version_value": "2.0.12",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.0.12"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2621",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2621",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2621"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

67
2022/36xxx/CVE-2022-36897.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36897",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware Xpediter Code Coverage Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.7",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware Xpediter Code Coverage Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.0.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2626",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2626",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2626"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

67
2022/36xxx/CVE-2022-36898.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36898",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware ISPW Operations Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.8",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware ISPW Operations Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.0.8"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2628",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2628",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2628"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

67
2022/36xxx/CVE-2022-36899.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36899",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware ISPW Operations Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.8",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-693: Protection Mechanism Failure"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware ISPW Operations Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.0.8"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2629",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2629",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2629"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

67
2022/36xxx/CVE-2022-36900.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36900",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware zAdviser API Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.3",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-693: Protection Mechanism Failure"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Compuware zAdviser API Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.0.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2630",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2630",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2630"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

85
2022/36xxx/CVE-2022-36901.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36901",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins HTTP Request Plugin",
"version": {
"version_data": [
{
"version_value": "1.15",
"version_affected": "<="
},
{
"version_value": "1.15",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-256: Plaintext Storage of a Password"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins HTTP Request Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.15",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.15",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2053",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2053",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2053"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

85
2022/36xxx/CVE-2022-36902.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36902",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Dynamic Extended Choice Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.1",
"version_affected": "<="
},
{
"version_value": "1.0.1",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Dynamic Extended Choice Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.0.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.0.1",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2682",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2682",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2682"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

87
2022/36xxx/CVE-2022-36903.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36903",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Repository Connector Plugin",
"version": {
"version_data": [
{
"version_value": "2.2.0",
"version_affected": "<="
},
{
"version_value": "2.2.0",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Repository Connector Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "2.2.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 2.2.0",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2665%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2665%20(1)",
"refsource": "CONFIRM"
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2665%20%281%29",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2665%20%281%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

87
2022/36xxx/CVE-2022-36904.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36904",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Repository Connector Plugin",
"version": {
"version_data": [
{
"version_value": "2.2.0",
"version_affected": "<="
},
{
"version_value": "2.2.0",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Repository Connector Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "2.2.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 2.2.0",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2665%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2665%20(2)",
"refsource": "CONFIRM"
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2665%20%282%29",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2665%20%282%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

85
2022/36xxx/CVE-2022-36905.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36905",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Maven Metadata Plugin for Jenkins CI server Plugin",
"version": {
"version_data": [
{
"version_value": "2.2",
"version_affected": "<="
},
{
"version_value": "2.2",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Maven Metadata Plugin for Jenkins CI server Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "2.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 2.2",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2686",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2686",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2686"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

87
2022/36xxx/CVE-2022-36906.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36906",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins OpenShift Deployer Plugin",
"version": {
"version_data": [
{
"version_value": "1.2.0",
"version_affected": "<="
},
{
"version_value": "1.2.0",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins OpenShift Deployer Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.2.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.2.0",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1375%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1375%20(1)",
"refsource": "CONFIRM"
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1375%20%281%29",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1375%20%281%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

87
2022/36xxx/CVE-2022-36907.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36907",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins OpenShift Deployer Plugin",
"version": {
"version_data": [
{
"version_value": "1.2.0",
"version_affected": "<="
},
{
"version_value": "1.2.0",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins OpenShift Deployer Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.2.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.2.0",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1375%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1375%20(1)",
"refsource": "CONFIRM"
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1375%20%281%29",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1375%20%281%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
"url": "http://www.openwall.com/lists/oss-security/2022/07/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2022/07/27/1"
}
]
}

61
2023/39xxx/CVE-2023-39732.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39732",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-39732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The leakage of the client secret in Tokueimaru_waiting Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39732.md",
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39732.md"
},
{
"refsource": "MISC",
"name": "https://liff.line.me/1657574837-elb6bNQj",
"url": "https://liff.line.me/1657574837-elb6bNQj"
}
]
}

61
2023/39xxx/CVE-2023-39739.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39739",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-39739",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39739.md",
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39739.md"
},
{
"refsource": "MISC",
"name": "https://liff.line.me/1656985266-EmlxqQQx",
"url": "https://liff.line.me/1656985266-EmlxqQQx"
}
]
}

4
2023/3xxx/CVE-2023-3997.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Splunk SOAR versions lower than 6.1.0 are indirectly affected by a potential vulnerability accessed through the user\u2019s terminal. A third party can send Splunk SOAR a maliciously crafted web request containing special ANSI characters to cause log file poisoning. When a terminal user attempts to view the poisoned logs, this can tamper with the terminal and cause possible malicious code execution from the terminal user\u2019s action."
"value": "Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a potential vulnerability accessed through the user\u2019s terminal. A third party can send Splunk SOAR a maliciously crafted web request containing special ANSI characters to cause log file poisoning. When a terminal user attempts to view the poisoned logs, this can tamper with the terminal and cause possible malicious code execution from the terminal user\u2019s action."
}
]
},
@ -41,7 +41,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "-",
"version_name": "6.1",
"version_value": "6.1.0"
}
]

3
2023/4xxx/CVE-2023-4172.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N"
}
]
}

3
2023/4xxx/CVE-2023-4173.json
View File

@ -92,8 +92,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/4xxx/CVE-2023-4174.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/4xxx/CVE-2023-4175.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/4xxx/CVE-2023-4176.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/4xxx/CVE-2023-4177.json
View File

@ -92,8 +92,7 @@
{
"version": "2.0",
"baseScore": 1.4,
"vectorString": "AV:A/AC:H/Au:S/C:P/I:N/A:N",
"baseSeverity": "LOW"
"vectorString": "AV:A/AC:H/Au:S/C:P/I:N/A:N"
}
]
}

3
2023/4xxx/CVE-2023-4179.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/4xxx/CVE-2023-4180.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseSeverity": "HIGH"
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

3
2023/4xxx/CVE-2023-4181.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 5.5,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P"
}
]
}

3
2023/4xxx/CVE-2023-4182.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseSeverity": "HIGH"
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

3
2023/4xxx/CVE-2023-4183.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/4xxx/CVE-2023-4184.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseSeverity": "HIGH"
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

3
2023/4xxx/CVE-2023-4185.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

2
2023/4xxx/CVE-2023-4571.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "In Splunk IT Service Intelligence (ITSI) versions below below 4.13.3, 4.15.3, or 4.17.1, a malicious actor can inject American National Standards Institute (ANSI) escape codes into Splunk ITSI log files that, when a vulnerable terminal application reads them, can run malicious code in the vulnerable application. This attack requires a user to use a terminal application that translates ANSI escape codes to read the malicious log file locally in the vulnerable terminal. The vulnerability also requires additional user interaction to succeed. \n\nThe vulnerability does not directly affect Splunk ITSI. The indirect impact on Splunk ITSI can vary significantly depending on the permissions in the vulnerable terminal application, as well as where and how the user reads the malicious log file. For example, users can copy the malicious file from Splunk ITSI and read it on their local machine."
"value": "In Splunk IT Service Intelligence (ITSI) versions below 4.13.3 or 4.15.3, a malicious actor can inject American National Standards Institute (ANSI) escape codes into Splunk ITSI log files that, when a vulnerable terminal application reads them, can run malicious code in the vulnerable application. This attack requires a user to use a terminal application that translates ANSI escape codes to read the malicious log file locally in the vulnerable terminal. The vulnerability also requires additional user interaction to succeed. \n\nThe vulnerability does not directly affect Splunk ITSI. The indirect impact on Splunk ITSI can vary significantly depending on the permissions in the vulnerable terminal application, as well as where and how the user reads the malicious log file. For example, users can copy the malicious file from Splunk ITSI and read it on their local machine."
}
]
},

3
2023/5xxx/CVE-2023-5271.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5272.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5273.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

18
2023/5xxx/CVE-2023-5749.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5749",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}