admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-02-24 16:02:49 +00:00
parent fc96b0e073
commit 4021eebe08
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
14 changed files with 624 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/5xxx/CVE-2020-5953.json
View File

@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220222-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220222-0005/"
}
]
}

5
2021/33xxx/CVE-2021-33625.json
View File

@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220222-0004/",
"url": "https://security.netapp.com/advisory/ntap-20220222-0004/"
}
]
}

5
2021/33xxx/CVE-2021-33627.json
View File

@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220222-0002/",
"url": "https://security.netapp.com/advisory/ntap-20220222-0002/"
}
]
}

5
2021/41xxx/CVE-2021-41837.json
View File

@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220222-0003/",
"url": "https://security.netapp.com/advisory/ntap-20220222-0003/"
}
]
}

5
2021/41xxx/CVE-2021-41838.json
View File

@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220222-0001/",
"url": "https://security.netapp.com/advisory/ntap-20220222-0001/"
}
]
}

83
2022/0xxx/CVE-2022-0717.json
View File

@ -1,18 +1,89 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0717",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Out-of-bounds Read in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9"
},
{
"name": "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76"
}
]
},
"source": {
"advisory": "27a851a5-7ebf-409b-854f-b2614771e8f9",
"discovery": "EXTERNAL"
}
}

83
2022/0xxx/CVE-2022-0719.json
View File

@ -1,18 +1,89 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0719",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Cross-site Scripting (XSS) - Reflected in microweber/microweber"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "microweber/microweber",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "1.3"
}
]
}
}
]
},
"vendor_name": "microweber"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/bcdce15b-7f40-4971-a061-c25c6053c312",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/bcdce15b-7f40-4971-a061-c25c6053c312"
},
{
"name": "https://github.com/microweber/microweber/commit/a5925f74d39775771d4c37c8d4c1acbb762fda0a",
"refsource": "MISC",
"url": "https://github.com/microweber/microweber/commit/a5925f74d39775771d4c37c8d4c1acbb762fda0a"
}
]
},
"source": {
"advisory": "bcdce15b-7f40-4971-a061-c25c6053c312",
"discovery": "EXTERNAL"
}
}

83
2022/0xxx/CVE-2022-0721.json
View File

@ -1,18 +1,89 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0721",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Insertion of Sensitive Information Into Debugging Code in microweber/microweber"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "microweber/microweber",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "1.3"
}
]
}
}
]
},
"vendor_name": "microweber"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-215 Insertion of Sensitive Information Into Debugging Code"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/ae267d39-9750-4c69-be8b-4f915da089fb",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/ae267d39-9750-4c69-be8b-4f915da089fb"
},
{
"name": "https://github.com/microweber/microweber/commit/b12e1a490c79460bff019f34b2e17112249b16ec",
"refsource": "MISC",
"url": "https://github.com/microweber/microweber/commit/b12e1a490c79460bff019f34b2e17112249b16ec"
}
]
},
"source": {
"advisory": "ae267d39-9750-4c69-be8b-4f915da089fb",
"discovery": "EXTERNAL"
}
}

83
2022/0xxx/CVE-2022-0724.json
View File

@ -1,18 +1,89 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0724",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Insecure Storage of Sensitive Information in microweber/microweber"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "microweber/microweber",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "1.3"
}
]
}
}
]
},
"vendor_name": "microweber"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-922 Insecure Storage of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/0cdc4a29-dada-4264-b326-8b65b4f11062",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/0cdc4a29-dada-4264-b326-8b65b4f11062"
},
{
"name": "https://github.com/microweber/microweber/commit/b592c86d2b927c0cae5b73b87fb541f25e777aa3",
"refsource": "MISC",
"url": "https://github.com/microweber/microweber/commit/b592c86d2b927c0cae5b73b87fb541f25e777aa3"
}
]
},
"source": {
"advisory": "0cdc4a29-dada-4264-b326-8b65b4f11062",
"discovery": "EXTERNAL"
}
}

83
2022/0xxx/CVE-2022-0726.json
View File

@ -1,18 +1,89 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0726",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Improper Authorization in chocobozzz/peertube"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "chocobozzz/peertube",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.1.0"
}
]
}
}
]
},
"vendor_name": "chocobozzz"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285 Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259",
"refsource": "MISC",
"url": "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259"
},
{
"name": "https://huntr.dev/bounties/8928ab08-7fcb-475e-8da7-18e8412c1ac3",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/8928ab08-7fcb-475e-8da7-18e8412c1ac3"
}
]
},
"source": {
"advisory": "8928ab08-7fcb-475e-8da7-18e8412c1ac3",
"discovery": "EXTERNAL"
}
}

83
2022/0xxx/CVE-2022-0727.json
View File

@ -1,18 +1,89 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0727",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Improper Access Control in chocobozzz/peertube"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "chocobozzz/peertube",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.1.0"
}
]
}
}
]
},
"vendor_name": "chocobozzz"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/d1faa10f-0640-480c-bb52-089adb351e6e",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/d1faa10f-0640-480c-bb52-089adb351e6e"
},
{
"name": "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259",
"refsource": "MISC",
"url": "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259"
}
]
},
"source": {
"advisory": "d1faa10f-0640-480c-bb52-089adb351e6e",
"discovery": "EXTERNAL"
}
}

83
2022/0xxx/CVE-2022-0729.json
View File

@ -1,18 +1,89 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0729",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Use of Out-of-range Pointer Offset in vim/vim"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vim/vim",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "8.2.4440"
}
]
}
}
]
},
"vendor_name": "vim"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-823 Use of Out-of-range Pointer Offset"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea"
},
{
"name": "https://github.com/vim/vim/commit/6456fae9ba8e72c74b2c0c499eaf09974604ff30",
"refsource": "MISC",
"url": "https://github.com/vim/vim/commit/6456fae9ba8e72c74b2c0c499eaf09974604ff30"
}
]
},
"source": {
"advisory": "f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea",
"discovery": "EXTERNAL"
}
}

5
2022/24xxx/CVE-2022-24407.json
View File

@ -61,11 +61,6 @@
"refsource": "CONFIRM",
"name": "https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst",
"url": "https://github.com/cyrusimap/cyrus-sasl/blob/fdcd13ceaef8de684dc69008011fa865c5b4a3ac/docsrc/sasl/release-notes/2.1/index.rst"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220223 Fwd: Cyrus-SASL 2.1.28 released [fixes CVE-2022-24407 & CVE-2019-19906]",
"url": "http://www.openwall.com/lists/oss-security/2022/02/23/4"
}
]
}

66
2022/25xxx/CVE-2022-25643.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-25643",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-25643",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/kennylevinsen/seatd/tags",
"refsource": "MISC",
"name": "https://github.com/kennylevinsen/seatd/tags"
},
{
"url": "https://github.com/kennylevinsen/seatd/compare/0.6.3...0.6.4",
"refsource": "MISC",
"name": "https://github.com/kennylevinsen/seatd/compare/0.6.3...0.6.4"
},
{
"refsource": "MISC",
"name": "https://lists.sr.ht/~kennylevinsen/seatd-announce/%3CETEO7R.QG8B1KGD531R1%40kl.wtf%3E",
"url": "https://lists.sr.ht/~kennylevinsen/seatd-announce/%3CETEO7R.QG8B1KGD531R1%40kl.wtf%3E"
}
]
}