admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-11-24 02:01:10 +00:00
parent 8f0c1be170
commit 484ac44aa0
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
8 changed files with 668 additions and 650 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

293
2021/28xxx/CVE-2021-28705.json
View File

@ -1,147 +1,150 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@xenproject.org",
"ID" : "CVE-2021-28705"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "xen",
"version" : {
"version_data" : [
{
"version_value" : "4.14.x"
}
]
}
},
{
"product_name" : "xen",
"version" : {
"version_data" : [
{
"version_value" : "4.12.x"
}
]
}
},
{
"product_name" : "xen",
"version" : {
"version_data" : [
{
"version_value" : "4.15.x"
}
]
}
},
{
"product_name" : "xen",
"version" : {
"version_data" : [
{
"version_value" : "xen-unstable"
}
]
}
},
{
"product_name" : "xen",
"version" : {
"version_data" : [
{
"version_value" : "4.13.x"
}
]
}
}
]
},
"vendor_name" : "Xen"
"CVE_data_meta": {
"ASSIGNER": "security@xen.org",
"ID": "CVE-2021-28705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_value": "4.14.x"
}
]
}
},
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_value": "4.12.x"
}
]
}
},
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_value": "4.15.x"
}
]
}
},
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_value": "xen-unstable"
}
]
}
},
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_value": "4.13.x"
}
]
}
}
]
},
"vendor_name": "Xen"
}
]
}
},
"configuration": {
"configuration_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "All Xen versions from 3.4 onwards are affected. Xen versions 3.3 and\nolder are believed to not be affected.\n\nOnly x86 HVM and PVH guests started in populate-on-demand mode are\nbelieved to be able to leverage the vulnerability. Populate-on-demand\nmode is activated when the guest's xl configuration file specifies a\n\"maxmem\" value which is larger than the \"memory\" value."
}
]
}
]
}
},
"configuration" : {
"configuration_data" : {
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "All Xen versions from 3.4 onwards are affected. Xen versions 3.3 and\nolder are believed to not be affected.\n\nOnly x86 HVM and PVH guests started in populate-on-demand mode are\nbelieved to be able to leverage the vulnerability. Populate-on-demand\nmode is activated when the guest's xl configuration file specifies a\n\"maxmem\" value which is larger than the \"memory\" value."
}
]
}
}
},
"credit" : {
"credit_data" : {
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "This issue was discovered by Jan Beulich of SUSE."
}
]
}
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "issues with partially successful P2M updates on x86\n\nT[his CNA information record relates to multiple CVEs; the\ntext explains which aspects/vulnerabilities correspond to which CVE.]\n\nx86 HVM and PVH guests may be started in populate-on-demand (PoD) mode,\nto provide a way for them to later easily have more memory assigned.\n\nGuests are permitted to control certain P2M aspects of individual\npages via hypercalls. These hypercalls may act on ranges of pages\nspecified via page orders (resulting in a power-of-2 number of pages).\nIn some cases the hypervisor carries out the requests by splitting\nthem into smaller chunks. Error handling in certain PoD cases has\nbeen insufficient in that in particular partial success of some\noperations was not properly accounted for.\n\nThere are two code paths affected - page removal (CVE-2021-28705) and\ninsertion of new pages (CVE-2021-28709). (We provide one patch which\ncombines the fix to both issues.)"
}
]
},
"impact" : {
"impact_data" : {
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Malicious or buggy guest kernels may be able to mount a Denial of\nService (DoS) attack affecting the entire system. Privilege escalation\nand information leaks cannot be ruled out."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "unknown"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://xenbits.xenproject.org/xsa/advisory-389.txt"
}
]
},
"workaround" : {
"workaround_data" : {
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Not starting x86 HVM or PVH guests in populate-on-demand mode is\nbelieved to allow avoiding the vulnerability."
}
]
}
}
}
}
}
},
"credit": {
"credit_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was discovered by Jan Beulich of SUSE."
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. Guests are permitted to control certain P2M aspects of individual pages via hypercalls. These hypercalls may act on ranges of pages specified via page orders (resulting in a power-of-2 number of pages). In some cases the hypervisor carries out the requests by splitting them into smaller chunks. Error handling in certain PoD cases has been insufficient in that in particular partial success of some operations was not properly accounted for. There are two code paths affected - page removal (CVE-2021-28705) and insertion of new pages (CVE-2021-28709). (We provide one patch which combines the fix to both issues.)"
}
]
},
"impact": {
"impact_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "Malicious or buggy guest kernels may be able to mount a Denial of\nService (DoS) attack affecting the entire system. Privilege escalation\nand information leaks cannot be ruled out."
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unknown"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://xenbits.xenproject.org/xsa/advisory-389.txt",
"refsource": "MISC",
"name": "https://xenbits.xenproject.org/xsa/advisory-389.txt"
}
]
},
"workaround": {
"workaround_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "Not starting x86 HVM or PVH guests in populate-on-demand mode is\nbelieved to allow avoiding the vulnerability."
}
]
}
}
}
}

293
2021/28xxx/CVE-2021-28709.json
View File

@ -1,147 +1,150 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@xenproject.org",
"ID" : "CVE-2021-28709"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "xen",
"version" : {
"version_data" : [
{
"version_value" : "4.14.x"
}
]
}
},
{
"product_name" : "xen",
"version" : {
"version_data" : [
{
"version_value" : "4.12.x"
}
]
}
},
{
"product_name" : "xen",
"version" : {
"version_data" : [
{
"version_value" : "4.15.x"
}
]
}
},
{
"product_name" : "xen",
"version" : {
"version_data" : [
{
"version_value" : "xen-unstable"
}
]
}
},
{
"product_name" : "xen",
"version" : {
"version_data" : [
{
"version_value" : "4.13.x"
}
]
}
}
]
},
"vendor_name" : "Xen"
"CVE_data_meta": {
"ASSIGNER": "security@xen.org",
"ID": "CVE-2021-28709",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_value": "4.14.x"
}
]
}
},
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_value": "4.12.x"
}
]
}
},
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_value": "4.15.x"
}
]
}
},
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_value": "xen-unstable"
}
]
}
},
{
"product_name": "xen",
"version": {
"version_data": [
{
"version_value": "4.13.x"
}
]
}
}
]
},
"vendor_name": "Xen"
}
]
}
},
"configuration": {
"configuration_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "All Xen versions from 3.4 onwards are affected. Xen versions 3.3 and\nolder are believed to not be affected.\n\nOnly x86 HVM and PVH guests started in populate-on-demand mode are\nbelieved to be able to leverage the vulnerability. Populate-on-demand\nmode is activated when the guest's xl configuration file specifies a\n\"maxmem\" value which is larger than the \"memory\" value."
}
]
}
]
}
},
"configuration" : {
"configuration_data" : {
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "All Xen versions from 3.4 onwards are affected. Xen versions 3.3 and\nolder are believed to not be affected.\n\nOnly x86 HVM and PVH guests started in populate-on-demand mode are\nbelieved to be able to leverage the vulnerability. Populate-on-demand\nmode is activated when the guest's xl configuration file specifies a\n\"maxmem\" value which is larger than the \"memory\" value."
}
]
}
}
},
"credit" : {
"credit_data" : {
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "This issue was discovered by Jan Beulich of SUSE."
}
]
}
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "issues with partially successful P2M updates on x86\n\nT[his CNA information record relates to multiple CVEs; the\ntext explains which aspects/vulnerabilities correspond to which CVE.]\n\nx86 HVM and PVH guests may be started in populate-on-demand (PoD) mode,\nto provide a way for them to later easily have more memory assigned.\n\nGuests are permitted to control certain P2M aspects of individual\npages via hypercalls. These hypercalls may act on ranges of pages\nspecified via page orders (resulting in a power-of-2 number of pages).\nIn some cases the hypervisor carries out the requests by splitting\nthem into smaller chunks. Error handling in certain PoD cases has\nbeen insufficient in that in particular partial success of some\noperations was not properly accounted for.\n\nThere are two code paths affected - page removal (CVE-2021-28705) and\ninsertion of new pages (CVE-2021-28709). (We provide one patch which\ncombines the fix to both issues.)"
}
]
},
"impact" : {
"impact_data" : {
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Malicious or buggy guest kernels may be able to mount a Denial of\nService (DoS) attack affecting the entire system. Privilege escalation\nand information leaks cannot be ruled out."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "unknown"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://xenbits.xenproject.org/xsa/advisory-389.txt"
}
]
},
"workaround" : {
"workaround_data" : {
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Not starting x86 HVM or PVH guests in populate-on-demand mode is\nbelieved to allow avoiding the vulnerability."
}
]
}
}
}
}
}
},
"credit": {
"credit_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was discovered by Jan Beulich of SUSE."
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned. Guests are permitted to control certain P2M aspects of individual pages via hypercalls. These hypercalls may act on ranges of pages specified via page orders (resulting in a power-of-2 number of pages). In some cases the hypervisor carries out the requests by splitting them into smaller chunks. Error handling in certain PoD cases has been insufficient in that in particular partial success of some operations was not properly accounted for. There are two code paths affected - page removal (CVE-2021-28705) and insertion of new pages (CVE-2021-28709). (We provide one patch which combines the fix to both issues.)"
}
]
},
"impact": {
"impact_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "Malicious or buggy guest kernels may be able to mount a Denial of\nService (DoS) attack affecting the entire system. Privilege escalation\nand information leaks cannot be ruled out."
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unknown"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://xenbits.xenproject.org/xsa/advisory-389.txt",
"refsource": "MISC",
"name": "https://xenbits.xenproject.org/xsa/advisory-389.txt"
}
]
},
"workaround": {
"workaround_data": {
"description": {
"description_data": [
{
"lang": "eng",
"value": "Not starting x86 HVM or PVH guests in populate-on-demand mode is\nbelieved to allow avoiding the vulnerability."
}
]
}
}
}
}

112
2021/42xxx/CVE-2021-42297.json
View File

@ -1,60 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-42297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows Update Assistant",
"version": {
"version_data": [
{
"version_value": ""
}
]
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-42297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows Update Assistant",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Windows 10 Update Assistant Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43211."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Windows 10 Update Assistant Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-43211."
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42297"
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42297",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42297"
}
]
}
}

172
2021/42xxx/CVE-2021-42306.json
View File

@ -1,90 +1,92 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-42306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Azure Automation",
"version": {
"version_data": [
{
"version_value": ""
}
]
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-42306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Azure Automation",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Azure Active Directory",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Azure Site Recovery",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Azure Migrate",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
},
{
"product_name": "Azure Active Directory",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Azure Site Recovery",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Azure Migrate",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Azure Active Directory Information Disclosure Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Azure Active Directory Information Disclosure Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42306"
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42306",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42306"
}
]
}
}

112
2021/42xxx/CVE-2021-42308.json
View File

@ -1,60 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-42308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (Chromium-based)",
"version": {
"version_data": [
{
"version_value": ""
}
]
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-42308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (Chromium-based)",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Edge (Chromium-based) Spoofing Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Spoofing"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Edge (Chromium-based) Spoofing Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42308"
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42308",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42308"
}
]
}
}

112
2021/43xxx/CVE-2021-43211.json
View File

@ -1,60 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-43211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows Update Assistant",
"version": {
"version_data": [
{
"version_value": ""
}
]
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-43211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows Update Assistant",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Windows 10 Update Assistant Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42297."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Windows 10 Update Assistant Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42297."
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43211"
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43211",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43211"
}
]
}
}

112
2021/43xxx/CVE-2021-43220.json
View File

@ -1,60 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-43220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge for iOS",
"version": {
"version_data": [
{
"version_value": ""
}
]
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-43220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge for iOS",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Edge for iOS Spoofing Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Spoofing"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Edge for iOS Spoofing Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43220"
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43220",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43220"
}
]
}
}

112
2021/43xxx/CVE-2021-43221.json
View File

@ -1,60 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-43221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (Chromium-based)",
"version": {
"version_data": [
{
"version_value": ""
}
]
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2021-43221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Edge (Chromium-based)",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43221"
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43221",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43221"
}
]
}
}