diff --git a/2018/21xxx/CVE-2018-21034.json b/2018/21xxx/CVE-2018-21034.json index 7200bcd6d4f..56d67bbf8f8 100644 --- a/2018/21xxx/CVE-2018-21034.json +++ b/2018/21xxx/CVE-2018-21034.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2018-21034", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2018-21034", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Argo versions prior to v1.5.0-rc1, it was possible for authenticated Argo users to submit API calls to retrieve secrets and other manifests which were stored within git." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/argoproj/argo-cd/blob/a1afe44066fcd0a0ab90a02a23177164bbad42cf/util/diff/diff.go#L399", + "refsource": "MISC", + "name": "https://github.com/argoproj/argo-cd/blob/a1afe44066fcd0a0ab90a02a23177164bbad42cf/util/diff/diff.go#L399" + }, + { + "url": "https://github.com/argoproj/argo-cd/issues/470", + "refsource": "MISC", + "name": "https://github.com/argoproj/argo-cd/issues/470" + }, + { + "refsource": "MISC", + "name": "https://github.com/argoproj/argo-cd/pull/3088", + "url": "https://github.com/argoproj/argo-cd/pull/3088" + }, + { + "refsource": "MISC", + "name": "https://www.soluble.ai/blog/argo-cves-2020", + "url": "https://www.soluble.ai/blog/argo-cves-2020" } ] } diff --git a/2020/5xxx/CVE-2020-5247.json b/2020/5xxx/CVE-2020-5247.json index b0ea1514d1f..768ab50db6f 100644 --- a/2020/5xxx/CVE-2020-5247.json +++ b/2020/5xxx/CVE-2020-5247.json @@ -86,6 +86,11 @@ "name": "https://www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254", "refsource": "MISC", "url": "https://www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-a3f26a9387", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJ3LL5F5QADB6LM46GXZETREAKZMQNRD/" } ] }, @@ -93,4 +98,4 @@ "advisory": "GHSA-84j7-475p-hp8v", "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5249.json b/2020/5xxx/CVE-2020-5249.json index 9646f24e008..ae6c2023817 100644 --- a/2020/5xxx/CVE-2020-5249.json +++ b/2020/5xxx/CVE-2020-5249.json @@ -91,6 +91,11 @@ "name": "https://github.com/puma/puma/commit/c22712fc93284a45a93f9ad7023888f3a65524f3", "refsource": "MISC", "url": "https://github.com/puma/puma/commit/c22712fc93284a45a93f9ad7023888f3a65524f3" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-a3f26a9387", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJ3LL5F5QADB6LM46GXZETREAKZMQNRD/" } ] }, diff --git a/2020/5xxx/CVE-2020-5255.json b/2020/5xxx/CVE-2020-5255.json index d204029eae7..c4189104071 100644 --- a/2020/5xxx/CVE-2020-5255.json +++ b/2020/5xxx/CVE-2020-5255.json @@ -86,6 +86,11 @@ "refsource": "MISC", "name": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header", "url": "https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-fade6a8df7", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/" } ] }, diff --git a/2020/5xxx/CVE-2020-5275.json b/2020/5xxx/CVE-2020-5275.json index a756e67b2b3..7e77e246025 100644 --- a/2020/5xxx/CVE-2020-5275.json +++ b/2020/5xxx/CVE-2020-5275.json @@ -81,6 +81,11 @@ "name": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf", "refsource": "CONFIRM", "url": "https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-fade6a8df7", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/" } ] },