From 4a25a7c25b11e0bcb6d154a3dffd004dfd903749 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 24 May 2022 19:01:26 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/3xxx/CVE-2021-3597.json | 50 ++++++++++++++++++++++++++++-- 2021/3xxx/CVE-2021-3629.json | 50 ++++++++++++++++++++++++++++-- 2021/3xxx/CVE-2021-3717.json | 50 ++++++++++++++++++++++++++++-- 2021/42xxx/CVE-2021-42612.json | 56 ++++++++++++++++++++++++++++++---- 2021/42xxx/CVE-2021-42613.json | 56 ++++++++++++++++++++++++++++++---- 2021/42xxx/CVE-2021-42614.json | 56 ++++++++++++++++++++++++++++++---- 2022/1xxx/CVE-2022-1853.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1854.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1855.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1856.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1857.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1858.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1859.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1860.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1861.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1862.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1863.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1864.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1865.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1866.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1867.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1868.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1869.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1870.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1871.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1872.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1873.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1874.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1875.json | 18 +++++++++++ 2022/1xxx/CVE-2022-1876.json | 18 +++++++++++ 2022/22xxx/CVE-2022-22475.json | 2 +- 2022/22xxx/CVE-2022-22977.json | 50 ++++++++++++++++++++++++++++-- 2022/23xxx/CVE-2022-23050.json | 55 +++++++++++++++++++++++++++++++-- 33 files changed, 823 insertions(+), 34 deletions(-) create mode 100644 2022/1xxx/CVE-2022-1853.json create mode 100644 2022/1xxx/CVE-2022-1854.json create mode 100644 2022/1xxx/CVE-2022-1855.json create mode 100644 2022/1xxx/CVE-2022-1856.json create mode 100644 2022/1xxx/CVE-2022-1857.json create mode 100644 2022/1xxx/CVE-2022-1858.json create mode 100644 2022/1xxx/CVE-2022-1859.json create mode 100644 2022/1xxx/CVE-2022-1860.json create mode 100644 2022/1xxx/CVE-2022-1861.json create mode 100644 2022/1xxx/CVE-2022-1862.json create mode 100644 2022/1xxx/CVE-2022-1863.json create mode 100644 2022/1xxx/CVE-2022-1864.json create mode 100644 2022/1xxx/CVE-2022-1865.json create mode 100644 2022/1xxx/CVE-2022-1866.json create mode 100644 2022/1xxx/CVE-2022-1867.json create mode 100644 2022/1xxx/CVE-2022-1868.json create mode 100644 2022/1xxx/CVE-2022-1869.json create mode 100644 2022/1xxx/CVE-2022-1870.json create mode 100644 2022/1xxx/CVE-2022-1871.json create mode 100644 2022/1xxx/CVE-2022-1872.json create mode 100644 2022/1xxx/CVE-2022-1873.json create mode 100644 2022/1xxx/CVE-2022-1874.json create mode 100644 2022/1xxx/CVE-2022-1875.json create mode 100644 2022/1xxx/CVE-2022-1876.json diff --git a/2021/3xxx/CVE-2021-3597.json b/2021/3xxx/CVE-2021-3597.json index 215b846efef..54aec9d2ab5 100644 --- a/2021/3xxx/CVE-2021-3597.json +++ b/2021/3xxx/CVE-2021-3597.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3597", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "undertow", + "version": { + "version_data": [ + { + "version_value": "undertow 2.0.35.SP1, undertow 2.2.6.SP1, undertow 2.2.7.SP1, undertow 2.0.36.SP1, undertow 2.2.9.Final, undertow 2.0.39.Final" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-362" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1970930", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970930" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final." } ] } diff --git a/2021/3xxx/CVE-2021-3629.json b/2021/3xxx/CVE-2021-3629.json index b09e4b44a80..b9f7daab396 100644 --- a/2021/3xxx/CVE-2021-3629.json +++ b/2021/3xxx/CVE-2021-3629.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3629", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "undertow", + "version": { + "version_data": [ + { + "version_value": "undertow 2.0.40.Final, undertow 2.2.11.Final" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1977362", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977362" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final." } ] } diff --git a/2021/3xxx/CVE-2021-3717.json b/2021/3xxx/CVE-2021-3717.json index df1dbd44665..7cb6492a035 100644 --- a/2021/3xxx/CVE-2021-3717.json +++ b/2021/3xxx/CVE-2021-3717.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3717", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "wildfly", + "version": { + "version_data": [ + { + "version_value": "wildfly-core 17.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-552" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1991305", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991305" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This flaw affects wildfly-core versions prior to 17.0." } ] } diff --git a/2021/42xxx/CVE-2021-42612.json b/2021/42xxx/CVE-2021-42612.json index 97a5a5d91fc..30b0de3bbac 100644 --- a/2021/42xxx/CVE-2021-42612.json +++ b/2021/42xxx/CVE-2021-42612.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42612", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42612", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://carteryagemann.com/halibut-case-study.html#poc-halibut-text-uaf", + "refsource": "MISC", + "name": "https://carteryagemann.com/halibut-case-study.html#poc-halibut-text-uaf" } ] } diff --git a/2021/42xxx/CVE-2021-42613.json b/2021/42xxx/CVE-2021-42613.json index cd6ae507c71..4261b3f4a07 100644 --- a/2021/42xxx/CVE-2021-42613.json +++ b/2021/42xxx/CVE-2021-42613.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42613", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42613", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A double free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://carteryagemann.com/halibut-case-study.html#poc-halibut-winhelp-df", + "refsource": "MISC", + "name": "https://carteryagemann.com/halibut-case-study.html#poc-halibut-winhelp-df" } ] } diff --git a/2021/42xxx/CVE-2021-42614.json b/2021/42xxx/CVE-2021-42614.json index 5749bf97bd9..9e8a1c3b2f4 100644 --- a/2021/42xxx/CVE-2021-42614.json +++ b/2021/42xxx/CVE-2021-42614.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42614", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42614", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://carteryagemann.com/halibut-case-study.html#poc-halibut-info-uaf", + "refsource": "MISC", + "name": "https://carteryagemann.com/halibut-case-study.html#poc-halibut-info-uaf" } ] } diff --git a/2022/1xxx/CVE-2022-1853.json b/2022/1xxx/CVE-2022-1853.json new file mode 100644 index 00000000000..f856bd12471 --- /dev/null +++ b/2022/1xxx/CVE-2022-1853.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1853", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1854.json b/2022/1xxx/CVE-2022-1854.json new file mode 100644 index 00000000000..3dffdef3fbe --- /dev/null +++ b/2022/1xxx/CVE-2022-1854.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1854", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1855.json b/2022/1xxx/CVE-2022-1855.json new file mode 100644 index 00000000000..bb35fa41eb2 --- /dev/null +++ b/2022/1xxx/CVE-2022-1855.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1855", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1856.json b/2022/1xxx/CVE-2022-1856.json new file mode 100644 index 00000000000..ccda74683b7 --- /dev/null +++ b/2022/1xxx/CVE-2022-1856.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1856", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1857.json b/2022/1xxx/CVE-2022-1857.json new file mode 100644 index 00000000000..1d00539b626 --- /dev/null +++ b/2022/1xxx/CVE-2022-1857.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1857", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1858.json b/2022/1xxx/CVE-2022-1858.json new file mode 100644 index 00000000000..88c303a0a22 --- /dev/null +++ b/2022/1xxx/CVE-2022-1858.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1858", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1859.json b/2022/1xxx/CVE-2022-1859.json new file mode 100644 index 00000000000..7b0598ce54b --- /dev/null +++ b/2022/1xxx/CVE-2022-1859.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1859", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1860.json b/2022/1xxx/CVE-2022-1860.json new file mode 100644 index 00000000000..53bd8937889 --- /dev/null +++ b/2022/1xxx/CVE-2022-1860.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1860", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1861.json b/2022/1xxx/CVE-2022-1861.json new file mode 100644 index 00000000000..45b292271be --- /dev/null +++ b/2022/1xxx/CVE-2022-1861.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1861", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1862.json b/2022/1xxx/CVE-2022-1862.json new file mode 100644 index 00000000000..e63991de93b --- /dev/null +++ b/2022/1xxx/CVE-2022-1862.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1862", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1863.json b/2022/1xxx/CVE-2022-1863.json new file mode 100644 index 00000000000..8b4cc23207a --- /dev/null +++ b/2022/1xxx/CVE-2022-1863.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1863", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1864.json b/2022/1xxx/CVE-2022-1864.json new file mode 100644 index 00000000000..fc2bbd2f350 --- /dev/null +++ b/2022/1xxx/CVE-2022-1864.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1864", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1865.json b/2022/1xxx/CVE-2022-1865.json new file mode 100644 index 00000000000..fa348430f20 --- /dev/null +++ b/2022/1xxx/CVE-2022-1865.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1865", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1866.json b/2022/1xxx/CVE-2022-1866.json new file mode 100644 index 00000000000..02079003b75 --- /dev/null +++ b/2022/1xxx/CVE-2022-1866.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1866", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1867.json b/2022/1xxx/CVE-2022-1867.json new file mode 100644 index 00000000000..82de074d3f7 --- /dev/null +++ b/2022/1xxx/CVE-2022-1867.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1867", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1868.json b/2022/1xxx/CVE-2022-1868.json new file mode 100644 index 00000000000..c7307b253d8 --- /dev/null +++ b/2022/1xxx/CVE-2022-1868.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1868", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1869.json b/2022/1xxx/CVE-2022-1869.json new file mode 100644 index 00000000000..d0bb7ad951b --- /dev/null +++ b/2022/1xxx/CVE-2022-1869.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1869", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1870.json b/2022/1xxx/CVE-2022-1870.json new file mode 100644 index 00000000000..0263c583732 --- /dev/null +++ b/2022/1xxx/CVE-2022-1870.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1870", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1871.json b/2022/1xxx/CVE-2022-1871.json new file mode 100644 index 00000000000..4fda9c1dfd2 --- /dev/null +++ b/2022/1xxx/CVE-2022-1871.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1871", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1872.json b/2022/1xxx/CVE-2022-1872.json new file mode 100644 index 00000000000..3174fbd8397 --- /dev/null +++ b/2022/1xxx/CVE-2022-1872.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1872", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1873.json b/2022/1xxx/CVE-2022-1873.json new file mode 100644 index 00000000000..b06df1755c9 --- /dev/null +++ b/2022/1xxx/CVE-2022-1873.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1873", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1874.json b/2022/1xxx/CVE-2022-1874.json new file mode 100644 index 00000000000..b6d92501a79 --- /dev/null +++ b/2022/1xxx/CVE-2022-1874.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1874", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1875.json b/2022/1xxx/CVE-2022-1875.json new file mode 100644 index 00000000000..7af39b795b8 --- /dev/null +++ b/2022/1xxx/CVE-2022-1875.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1875", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1876.json b/2022/1xxx/CVE-2022-1876.json new file mode 100644 index 00000000000..c3fdb67bf98 --- /dev/null +++ b/2022/1xxx/CVE-2022-1876.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1876", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/22xxx/CVE-2022-22475.json b/2022/22xxx/CVE-2022-22475.json index aa1b7c58ac2..882eb1038a1 100644 --- a/2022/22xxx/CVE-2022-22475.json +++ b/2022/22xxx/CVE-2022-22475.json @@ -29,7 +29,7 @@ "description": { "description_data": [ { - "value": "IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 and Open Liberty are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603.", + "value": "IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603.", "lang": "eng" } ] diff --git a/2022/22xxx/CVE-2022-22977.json b/2022/22xxx/CVE-2022-22977.json index 06c2be5e4ed..3709628e84e 100644 --- a/2022/22xxx/CVE-2022-22977.json +++ b/2022/22xxx/CVE-2022-22977.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-22977", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@vmware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "VMware Tools for Windows", + "version": { + "version_data": [ + { + "version_value": "VMware Tools for Windows (12.0.0, 11.x.y and 10.x.y)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XML External Entity (XXE) vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.vmware.com/security/advisories/VMSA-2022-0015.html", + "url": "https://www.vmware.com/security/advisories/VMSA-2022-0015.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML External Entity (XXE) vulnerability. A malicious actor with non-administrative local user privileges in the Windows guest OS, where VMware Tools is installed, may exploit this issue leading to a denial-of-service condition or unintended information disclosure." } ] } diff --git a/2022/23xxx/CVE-2022-23050.json b/2022/23xxx/CVE-2022-23050.json index 4f8e2f539d5..bd07dc7ff96 100644 --- a/2022/23xxx/CVE-2022-23050.json +++ b/2022/23xxx/CVE-2022-23050.json @@ -4,14 +4,63 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-23050", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "help@fluidattacks.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "ManageEngine AppManager15", + "version": { + "version_data": [ + { + "version_value": "Build No:15510" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DLL Hijacking" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://fluidattacks.com/advisories/cerati/", + "url": "https://fluidattacks.com/advisories/cerati/" + }, + { + "refsource": "MISC", + "name": "https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2022-23050.html", + "url": "https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2022-23050.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the 'working' folder through the 'Upload Files / Binaries' functionality." } ] }