diff --git a/2020/12xxx/CVE-2020-12512.json b/2020/12xxx/CVE-2020-12512.json index c81cc6e6736..7adf9d62e99 100644 --- a/2020/12xxx/CVE-2020-12512.json +++ b/2020/12xxx/CVE-2020-12512.json @@ -1,109 +1,109 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "CVE_data_meta": { - "ID": "CVE-2020-12512", - "ASSIGNER": "info@cert.vde.com", - "DATE_PUBLIC": "2021-01-04T11:00:00.000Z", - "TITLE": "Pepper+Fuchs Comtrol IO-Link Master Cross-Site Scripting", - "AKA": "", - "STATE": "PUBLIC" - }, - "source": { - "defect": [ - "VDE-2020-038" - ], - "advisory": "VDE-2020-038", - "discovery": "EXTERNAL" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Pepper+Fuchs", - "product": { - "product_data": [ - { - "product_name": "Comtrol IO-Link Master", - "version": { - "version_data": [ - { - "version_name": "", - "version_affected": "<=", - "version_value": "1.5.48", - "platform": "" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "CVE_data_meta": { + "ID": "CVE-2020-12512", + "ASSIGNER": "info@cert.vde.com", + "DATE_PUBLIC": "2021-01-04T11:00:00.000Z", + "TITLE": "Pepper+Fuchs Comtrol IO-Link Master Cross-Site Scripting", + "AKA": "", + "STATE": "PUBLIC" + }, + "source": { + "defect": [ + "VDE-2020-038" + ], + "advisory": "VDE-2020-038", + "discovery": "EXTERNAL" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Pepper+Fuchs", + "product": { + "product_data": [ + { + "product_name": "Comtrol IO-Link Master", + "version": { + "version_data": [ + { + "version_name": "", + "version_affected": "<=", + "version_value": "1.5.48", + "platform": "" + } + ] + } + } + ] } - ] } - } ] - } } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting (XSS)" + } + ] + } ] - } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://cert.vde.com/en-us/advisories/vde-2020-038", + "name": "https://cert.vde.com/en-us/advisories/vde-2020-038" + } + ] + }, + "configuration": [], + "impact": { + "cvss": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH" + } + }, + "exploit": [], + "work_around": [], + "solution": [ + { + "lang": "eng", + "value": "In order to prevent the exploitation of the reported vulnerabilities, we recommend that the\naffected units be updated with the following three firmware packages:\n\nU-Boot bootloader version 1.36 or newer\nSystem image version 1.52 or newer\nApplication base version 1.6.11 or newer" + } + ], + "credit": [ + { + "lang": "eng", + "value": "T.Weber (SEC Consult Vulnerability Lab) reported this vulnerability. Coordinated by CERT@VDE." + } ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting " - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "CONFIRM", - "url": "https://cert.vde.com/en-us/advisories/vde-2020-038", - "name": "https://cert.vde.com/en-us/advisories/vde-2020-038" - } - ] - }, - "configuration": [], - "impact": { - "cvss": { - "version": "3.1", - "attackVector": "NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "LOW", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", - "baseScore": 7.5, - "baseSeverity": "HIGH" - } - }, - "exploit": [], - "work_around": [], - "solution": [ - { - "lang": "eng", - "value": "In order to prevent the exploitation of the reported vulnerabilities, we recommend that the\naffected units be updated with the following three firmware packages:\n\nU-Boot bootloader version 1.36 or newer\nSystem image version 1.52 or newer\nApplication base version 1.6.11 or newer" - } - ], - "credit": [ - { - "lang": "eng", - "value": "T.Weber (SEC Consult Vulnerability Lab) reported this vulnerability. Coordinated by CERT@VDE." - } - ] } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13209.json b/2020/13xxx/CVE-2020-13209.json index 53e8c052169..dc1e4dc7009 100644 --- a/2020/13xxx/CVE-2020-13209.json +++ b/2020/13xxx/CVE-2020-13209.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13209", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13210.json b/2020/13xxx/CVE-2020-13210.json index bcf64565414..0d36edeefa0 100644 --- a/2020/13xxx/CVE-2020-13210.json +++ b/2020/13xxx/CVE-2020-13210.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13210", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13211.json b/2020/13xxx/CVE-2020-13211.json index 0fb48e7d580..3f241a6990a 100644 --- a/2020/13xxx/CVE-2020-13211.json +++ b/2020/13xxx/CVE-2020-13211.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13211", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13212.json b/2020/13xxx/CVE-2020-13212.json index 529fcd95819..246144820b6 100644 --- a/2020/13xxx/CVE-2020-13212.json +++ b/2020/13xxx/CVE-2020-13212.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13212", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13213.json b/2020/13xxx/CVE-2020-13213.json index 49538800cb7..752af1bcecb 100644 --- a/2020/13xxx/CVE-2020-13213.json +++ b/2020/13xxx/CVE-2020-13213.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13213", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13214.json b/2020/13xxx/CVE-2020-13214.json index 676f9265bc0..4b09721bceb 100644 --- a/2020/13xxx/CVE-2020-13214.json +++ b/2020/13xxx/CVE-2020-13214.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13214", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13215.json b/2020/13xxx/CVE-2020-13215.json index a943064b6b1..23c8ec217da 100644 --- a/2020/13xxx/CVE-2020-13215.json +++ b/2020/13xxx/CVE-2020-13215.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13215", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13216.json b/2020/13xxx/CVE-2020-13216.json index 797a7cc472f..a3955325068 100644 --- a/2020/13xxx/CVE-2020-13216.json +++ b/2020/13xxx/CVE-2020-13216.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13216", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13217.json b/2020/13xxx/CVE-2020-13217.json index b8703ea3c3c..aaedace07e6 100644 --- a/2020/13xxx/CVE-2020-13217.json +++ b/2020/13xxx/CVE-2020-13217.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13217", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13218.json b/2020/13xxx/CVE-2020-13218.json index d79e2845c1d..0d1ce1020ae 100644 --- a/2020/13xxx/CVE-2020-13218.json +++ b/2020/13xxx/CVE-2020-13218.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13218", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13219.json b/2020/13xxx/CVE-2020-13219.json index b1d15c99d31..c851be54d14 100644 --- a/2020/13xxx/CVE-2020-13219.json +++ b/2020/13xxx/CVE-2020-13219.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13219", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13220.json b/2020/13xxx/CVE-2020-13220.json index 2df2711b7f6..9f3dc7c374f 100644 --- a/2020/13xxx/CVE-2020-13220.json +++ b/2020/13xxx/CVE-2020-13220.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13220", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13221.json b/2020/13xxx/CVE-2020-13221.json index 747176d52fa..921d27a156f 100644 --- a/2020/13xxx/CVE-2020-13221.json +++ b/2020/13xxx/CVE-2020-13221.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13221", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/13xxx/CVE-2020-13222.json b/2020/13xxx/CVE-2020-13222.json index da6278e4f31..6b176494e6a 100644 --- a/2020/13xxx/CVE-2020-13222.json +++ b/2020/13xxx/CVE-2020-13222.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2020-13222", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none." } ] } diff --git a/2020/14xxx/CVE-2020-14872.json b/2020/14xxx/CVE-2020-14872.json index 7ff0f2af522..03c8329960b 100644 --- a/2020/14xxx/CVE-2020-14872.json +++ b/2020/14xxx/CVE-2020-14872.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2020/14xxx/CVE-2020-14881.json b/2020/14xxx/CVE-2020-14881.json index 784ff44a8cb..9156081cfca 100644 --- a/2020/14xxx/CVE-2020-14881.json +++ b/2020/14xxx/CVE-2020-14881.json @@ -69,6 +69,11 @@ "refsource": "MISC", "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1278/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1278/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2020/14xxx/CVE-2020-14886.json b/2020/14xxx/CVE-2020-14886.json index b1f8815ad56..e07d20ae696 100644 --- a/2020/14xxx/CVE-2020-14886.json +++ b/2020/14xxx/CVE-2020-14886.json @@ -69,6 +69,11 @@ "refsource": "MISC", "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1280/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1280/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2020/14xxx/CVE-2020-14889.json b/2020/14xxx/CVE-2020-14889.json index 388554c8fd6..b967412663a 100644 --- a/2020/14xxx/CVE-2020-14889.json +++ b/2020/14xxx/CVE-2020-14889.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2020/14xxx/CVE-2020-14892.json b/2020/14xxx/CVE-2020-14892.json index 74166fc064b..41b1116e638 100644 --- a/2020/14xxx/CVE-2020-14892.json +++ b/2020/14xxx/CVE-2020-14892.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2020/20xxx/CVE-2020-20269.json b/2020/20xxx/CVE-2020-20269.json index e24831e0edf..14bc9c4a00f 100644 --- a/2020/20xxx/CVE-2020-20269.json +++ b/2020/20xxx/CVE-2020-20269.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20269", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20269", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A specially crafted Markdown document could cause the execution of malicious JavaScript code in Caret Editor before 4.0.0-rc22." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/careteditor/issues/issues/841", + "refsource": "MISC", + "name": "https://github.com/careteditor/issues/issues/841" + }, + { + "refsource": "MISC", + "name": "https://github.com/careteditor/releases-beta/releases/tag/4.0.0-rc22", + "url": "https://github.com/careteditor/releases-beta/releases/tag/4.0.0-rc22" + }, + { + "refsource": "MISC", + "name": "https://caret.io", + "url": "https://caret.io" + }, + { + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2021/Jan/59", + "url": "https://seclists.org/fulldisclosure/2021/Jan/59" } ] } diff --git a/2020/25xxx/CVE-2020-25683.json b/2020/25xxx/CVE-2020-25683.json index 359aa4c247f..5c2fa5ce5d9 100644 --- a/2020/25xxx/CVE-2020-25683.json +++ b/2020/25xxx/CVE-2020-25683.json @@ -58,6 +58,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-84440e87ba", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYW3IR6APUSKOYKL5FT3ACTIHWHGQY32/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-17", + "url": "https://security.gentoo.org/glsa/202101-17" } ] }, diff --git a/2020/26xxx/CVE-2020-26164.json b/2020/26xxx/CVE-2020-26164.json index 3fa0737ded2..47aaa14973d 100644 --- a/2020/26xxx/CVE-2020-26164.json +++ b/2020/26xxx/CVE-2020-26164.json @@ -136,6 +136,11 @@ "refsource": "MLIST", "name": "[oss-security] 20201130 Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon", "url": "http://www.openwall.com/lists/oss-security/2020/11/30/1" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-16", + "url": "https://security.gentoo.org/glsa/202101-16" } ] } diff --git a/2020/26xxx/CVE-2020-26418.json b/2020/26xxx/CVE-2020-26418.json index 07adf65626e..49cbef582e8 100644 --- a/2020/26xxx/CVE-2020-26418.json +++ b/2020/26xxx/CVE-2020-26418.json @@ -61,6 +61,11 @@ "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26418.json", "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26418.json", "refsource": "CONFIRM" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-12", + "url": "https://security.gentoo.org/glsa/202101-12" } ] }, diff --git a/2020/26xxx/CVE-2020-26419.json b/2020/26xxx/CVE-2020-26419.json index 4ad9f6bb32a..69c303c50f4 100644 --- a/2020/26xxx/CVE-2020-26419.json +++ b/2020/26xxx/CVE-2020-26419.json @@ -58,6 +58,11 @@ "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26419.json", "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26419.json", "refsource": "CONFIRM" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-12", + "url": "https://security.gentoo.org/glsa/202101-12" } ] }, diff --git a/2020/26xxx/CVE-2020-26420.json b/2020/26xxx/CVE-2020-26420.json index 8eed74b4c22..68fef7de8c8 100644 --- a/2020/26xxx/CVE-2020-26420.json +++ b/2020/26xxx/CVE-2020-26420.json @@ -61,6 +61,11 @@ "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26420.json", "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26420.json", "refsource": "CONFIRM" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-12", + "url": "https://security.gentoo.org/glsa/202101-12" } ] }, diff --git a/2020/26xxx/CVE-2020-26421.json b/2020/26xxx/CVE-2020-26421.json index 05b375c58b2..659bbccf540 100644 --- a/2020/26xxx/CVE-2020-26421.json +++ b/2020/26xxx/CVE-2020-26421.json @@ -61,6 +61,11 @@ "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26421.json", "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26421.json", "refsource": "CONFIRM" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-12", + "url": "https://security.gentoo.org/glsa/202101-12" } ] }, diff --git a/2020/26xxx/CVE-2020-26422.json b/2020/26xxx/CVE-2020-26422.json index 2a2f1084e96..d129d6de2e9 100644 --- a/2020/26xxx/CVE-2020-26422.json +++ b/2020/26xxx/CVE-2020-26422.json @@ -58,6 +58,11 @@ "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26422.json", "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26422.json", "refsource": "CONFIRM" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-12", + "url": "https://security.gentoo.org/glsa/202101-12" } ] }, diff --git a/2020/28xxx/CVE-2020-28487.json b/2020/28xxx/CVE-2020-28487.json index 79d8ea45f0e..be89a621d21 100644 --- a/2020/28xxx/CVE-2020-28487.json +++ b/2020/28xxx/CVE-2020-28487.json @@ -48,24 +48,29 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JS-VISTIMELINE-1063500" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JS-VISTIMELINE-1063500", + "name": "https://snyk.io/vuln/SNYK-JS-VISTIMELINE-1063500" }, { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1063501" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1063501", + "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1063501" }, { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBVISJS-1063502" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBVISJS-1063502", + "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBVISJS-1063502" }, { - "refsource": "CONFIRM", - "url": "https://github.com/visjs/vis-timeline/issues/838" + "refsource": "MISC", + "url": "https://github.com/visjs/vis-timeline/issues/838", + "name": "https://github.com/visjs/vis-timeline/issues/838" }, { - "refsource": "CONFIRM", - "url": "https://github.com/visjs/vis-timeline/pull/840" + "refsource": "MISC", + "url": "https://github.com/visjs/vis-timeline/pull/840", + "name": "https://github.com/visjs/vis-timeline/pull/840" } ] }, @@ -73,7 +78,7 @@ "description_data": [ { "lang": "eng", - "value": "This affects the package vis-timeline before 7.4.4.\n An attacker with the ability to control the items of a Timeline element can inject additional script code into the generated application.\r\n\r\n\r\n" + "value": "This affects the package vis-timeline before 7.4.4. An attacker with the ability to control the items of a Timeline element can inject additional script code into the generated application." } ] }, diff --git a/2021/21xxx/CVE-2021-21259.json b/2021/21xxx/CVE-2021-21259.json index 230136d2a86..9b64ad91b87 100644 --- a/2021/21xxx/CVE-2021-21259.json +++ b/2021/21xxx/CVE-2021-21259.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "HedgeDoc is open source software which lets you create real-time collaborative markdown notes. In HedgeDoc before version 1.7.2, an attacker can inject arbitrary JavaScript into a HedgeDoc note, which is executed when the note is viewed in slide mode.\n\nDepending on the configuration of the instance, the attacker may not need authentication to create or edit notes.\n\nThe problem is patched in HedgeDoc 1.7.2.\n\n### Workarounds\nDisallow loading JavaScript from 3rd party sites using the `Content-Security-Policy` header. Note that this will break some embedded content.\n\n### References\nThis issue was discovered by @TobiasHoll and reported to hackmdio/codimd: https://github.com/hackmdio/codimd/issues/1648\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an topic on our community forum\n* Join our matrix room" + "value": "HedgeDoc is open source software which lets you create real-time collaborative markdown notes. In HedgeDoc before version 1.7.2, an attacker can inject arbitrary JavaScript into a HedgeDoc note, which is executed when the note is viewed in slide mode. Depending on the configuration of the instance, the attacker may not need authentication to create or edit notes. The problem is patched in HedgeDoc 1.7.2. ### Workarounds Disallow loading JavaScript from 3rd party sites using the `Content-Security-Policy` header. Note that this will break some embedded content. ### References This issue was discovered by @TobiasHoll and reported to hackmdio/codimd: https://github.com/hackmdio/codimd/issues/1648 ### For more information If you have any questions or comments about this advisory: * Open an topic on our community forum * Join our matrix room" } ] }, diff --git a/2021/21xxx/CVE-2021-21260.json b/2021/21xxx/CVE-2021-21260.json index 980c601cfb9..6731e85ea6f 100644 --- a/2021/21xxx/CVE-2021-21260.json +++ b/2021/21xxx/CVE-2021-21260.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini.\nIn OIS version 4.0 there is a stored XSS which can enables an attacker takeover of the admin account through a payload that extracts a csrf token and sends a request to change password.\nIt has been found that Item description is reflected without sanitization in app/items_view.php which enables the malicious scenario." + "value": "Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enables an attacker takeover of the admin account through a payload that extracts a csrf token and sends a request to change password. It has been found that Item description is reflected without sanitization in app/items_view.php which enables the malicious scenario." } ] }, diff --git a/2021/21xxx/CVE-2021-21261.json b/2021/21xxx/CVE-2021-21261.json index 356a9946c6b..de204b58bc2 100644 --- a/2021/21xxx/CVE-2021-21261.json +++ b/2021/21xxx/CVE-2021-21261.json @@ -19,7 +19,7 @@ "version_value": ">= 0.11.4, < 1.8.5" }, { - "version_value": ">= 1.9.0, < 1.9.4" + "version_value": ">= 1.9.0, < 1.10.0" } ] } @@ -38,7 +38,7 @@ "description_data": [ { "lang": "eng", - "value": "Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). This sandbox-escape bug is present in versions from 0.11.4 and before fixed versions 1.8.5 and 1.9.4. The Flatpak portal D-Bus service (`flatpak-portal`, also known by its D-Bus service name `org.freedesktop.portal.Flatpak`) allows apps in a Flatpak sandbox to launch their own subprocesses in a new sandbox instance, either with the same security settings as the caller or with more restrictive security settings. For example, this is used in Flatpak-packaged web browsers such as Chromium to launch subprocesses that will process untrusted web content, and give those subprocesses a more restrictive sandbox than the browser itself. In vulnerable versions, the Flatpak portal service passes caller-specified environment variables to non-sandboxed processes on the host system, and in particular to the `flatpak run` command that is used to launch the new sandbox instance. A malicious or compromised Flatpak app could set environment variables that are trusted by the `flatpak run` command, and use them to execute arbitrary code that is not in a sandbox. As a workaround, this vulnerability can be mitigated by preventing the `flatpak-portal` service from starting, but that mitigation will prevent many Flatpak apps from working correctly. This is fixed in versions 1.8.5 and 1.9.4." + "value": "Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). This sandbox-escape bug is present in versions from 0.11.4 and before fixed versions 1.8.5 and 1.10.0. The Flatpak portal D-Bus service (`flatpak-portal`, also known by its D-Bus service name `org.freedesktop.portal.Flatpak`) allows apps in a Flatpak sandbox to launch their own subprocesses in a new sandbox instance, either with the same security settings as the caller or with more restrictive security settings. For example, this is used in Flatpak-packaged web browsers such as Chromium to launch subprocesses that will process untrusted web content, and give those subprocesses a more restrictive sandbox than the browser itself. In vulnerable versions, the Flatpak portal service passes caller-specified environment variables to non-sandboxed processes on the host system, and in particular to the `flatpak run` command that is used to launch the new sandbox instance. A malicious or compromised Flatpak app could set environment variables that are trusted by the `flatpak run` command, and use them to execute arbitrary code that is not in a sandbox. As a workaround, this vulnerability can be mitigated by preventing the `flatpak-portal` service from starting, but that mitigation will prevent many Flatpak apps from working correctly. This is fixed in versions 1.8.5 and 1.10.0." } ] }, @@ -77,40 +77,35 @@ "refsource": "CONFIRM", "url": "https://github.com/flatpak/flatpak/security/advisories/GHSA-4ppf-fxf6-vxg2" }, - { - "name": "https://github.com/flatpak/flatpak/commit/57416f380600d9754df12baf5b227144ff1bb54d", - "refsource": "MISC", - "url": "https://github.com/flatpak/flatpak/commit/57416f380600d9754df12baf5b227144ff1bb54d" - }, - { - "name": "https://github.com/flatpak/flatpak/commit/6a11007021658518c088ba0cc5e4da27962a940a", - "refsource": "MISC", - "url": "https://github.com/flatpak/flatpak/commit/6a11007021658518c088ba0cc5e4da27962a940a" - }, - { - "name": "https://github.com/flatpak/flatpak/commit/dcd24941c7087c5f7e8033abe50b178ac02a34af", - "refsource": "MISC", - "url": "https://github.com/flatpak/flatpak/commit/dcd24941c7087c5f7e8033abe50b178ac02a34af" - }, - { - "name": "https://github.com/flatpak/flatpak/commit/fb1eaefbceeb73f02eb1bc85865d74a414faf8b8", - "refsource": "MISC", - "url": "https://github.com/flatpak/flatpak/commit/fb1eaefbceeb73f02eb1bc85865d74a414faf8b8" - }, { "name": "https://github.com/flatpak/flatpak/releases/tag/1.8.5", "refsource": "MISC", "url": "https://github.com/flatpak/flatpak/releases/tag/1.8.5" }, { - "refsource": "DEBIAN", "name": "DSA-4830", + "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4830" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210121 CVE-2021-21261: Flatpak sandbox escape via spawn portal (aka GHSA-4ppf-fxf6-vxg2)", - "url": "http://www.openwall.com/lists/oss-security/2021/01/21/4" + "name": "https://github.com/flatpak/flatpak/commit/6d1773d2a54dde9b099043f07a2094a4f1c2f486", + "refsource": "MISC", + "url": "https://github.com/flatpak/flatpak/commit/6d1773d2a54dde9b099043f07a2094a4f1c2f486" + }, + { + "name": "https://github.com/flatpak/flatpak/commit/6e5ae7a109cdfa9735ea7ccbd8cb79f9e8d3ae8b", + "refsource": "MISC", + "url": "https://github.com/flatpak/flatpak/commit/6e5ae7a109cdfa9735ea7ccbd8cb79f9e8d3ae8b" + }, + { + "name": "https://github.com/flatpak/flatpak/commit/aeb6a7ab0abaac4a8f4ad98b3df476d9de6b8bd4", + "refsource": "MISC", + "url": "https://github.com/flatpak/flatpak/commit/aeb6a7ab0abaac4a8f4ad98b3df476d9de6b8bd4" + }, + { + "name": "https://github.com/flatpak/flatpak/commit/cc1401043c075268ecc652eac557ef8076b5eaba", + "refsource": "MISC", + "url": "https://github.com/flatpak/flatpak/commit/cc1401043c075268ecc652eac557ef8076b5eaba" } ] }, diff --git a/2021/21xxx/CVE-2021-21270.json b/2021/21xxx/CVE-2021-21270.json index 32e54bffaf0..fd6b79b0481 100644 --- a/2021/21xxx/CVE-2021-21270.json +++ b/2021/21xxx/CVE-2021-21270.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "OctopusDSC is a PowerShell module with DSC resources that can be used to install and configure an Octopus Deploy Server and Tentacle agent. In OctopusDSC version 4.0.977 and earlier a customer API key used to connect to Octopus Server is exposed via logging in plaintext. \n\nThis vulnerability is patched in version 4.0.1002.\n\n" + "value": "OctopusDSC is a PowerShell module with DSC resources that can be used to install and configure an Octopus Deploy Server and Tentacle agent. In OctopusDSC version 4.0.977 and earlier a customer API key used to connect to Octopus Server is exposed via logging in plaintext. This vulnerability is patched in version 4.0.1002." } ] }, diff --git a/2021/25xxx/CVE-2021-25846.json b/2021/25xxx/CVE-2021-25846.json new file mode 100644 index 00000000000..e7a0d061e8a --- /dev/null +++ b/2021/25xxx/CVE-2021-25846.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25846", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25847.json b/2021/25xxx/CVE-2021-25847.json new file mode 100644 index 00000000000..74cec80fe88 --- /dev/null +++ b/2021/25xxx/CVE-2021-25847.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25847", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25848.json b/2021/25xxx/CVE-2021-25848.json new file mode 100644 index 00000000000..4cfa7f014af --- /dev/null +++ b/2021/25xxx/CVE-2021-25848.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25848", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25849.json b/2021/25xxx/CVE-2021-25849.json new file mode 100644 index 00000000000..8577d383c39 --- /dev/null +++ b/2021/25xxx/CVE-2021-25849.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25849", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25850.json b/2021/25xxx/CVE-2021-25850.json new file mode 100644 index 00000000000..df683349d25 --- /dev/null +++ b/2021/25xxx/CVE-2021-25850.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25850", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25851.json b/2021/25xxx/CVE-2021-25851.json new file mode 100644 index 00000000000..8465216dc79 --- /dev/null +++ b/2021/25xxx/CVE-2021-25851.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25851", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25852.json b/2021/25xxx/CVE-2021-25852.json new file mode 100644 index 00000000000..61e76b68f42 --- /dev/null +++ b/2021/25xxx/CVE-2021-25852.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25852", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25853.json b/2021/25xxx/CVE-2021-25853.json new file mode 100644 index 00000000000..f05a5a38dc9 --- /dev/null +++ b/2021/25xxx/CVE-2021-25853.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25853", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25854.json b/2021/25xxx/CVE-2021-25854.json new file mode 100644 index 00000000000..e9df8c970b2 --- /dev/null +++ b/2021/25xxx/CVE-2021-25854.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25854", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25855.json b/2021/25xxx/CVE-2021-25855.json new file mode 100644 index 00000000000..35e333469b7 --- /dev/null +++ b/2021/25xxx/CVE-2021-25855.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25855", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25856.json b/2021/25xxx/CVE-2021-25856.json new file mode 100644 index 00000000000..9e6bb2fc11c --- /dev/null +++ b/2021/25xxx/CVE-2021-25856.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25856", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25857.json b/2021/25xxx/CVE-2021-25857.json new file mode 100644 index 00000000000..4b8a91a5c48 --- /dev/null +++ b/2021/25xxx/CVE-2021-25857.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25857", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25858.json b/2021/25xxx/CVE-2021-25858.json new file mode 100644 index 00000000000..397e0d90474 --- /dev/null +++ b/2021/25xxx/CVE-2021-25858.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25858", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25859.json b/2021/25xxx/CVE-2021-25859.json new file mode 100644 index 00000000000..e369bf47597 --- /dev/null +++ b/2021/25xxx/CVE-2021-25859.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25859", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25860.json b/2021/25xxx/CVE-2021-25860.json new file mode 100644 index 00000000000..faa88a447c4 --- /dev/null +++ b/2021/25xxx/CVE-2021-25860.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25860", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25861.json b/2021/25xxx/CVE-2021-25861.json new file mode 100644 index 00000000000..a42278e6b69 --- /dev/null +++ b/2021/25xxx/CVE-2021-25861.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25861", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25862.json b/2021/25xxx/CVE-2021-25862.json new file mode 100644 index 00000000000..ee9756704ae --- /dev/null +++ b/2021/25xxx/CVE-2021-25862.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25862", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25863.json b/2021/25xxx/CVE-2021-25863.json new file mode 100644 index 00000000000..b82bec45473 --- /dev/null +++ b/2021/25xxx/CVE-2021-25863.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25863", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25864.json b/2021/25xxx/CVE-2021-25864.json new file mode 100644 index 00000000000..fea78596106 --- /dev/null +++ b/2021/25xxx/CVE-2021-25864.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25864", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25865.json b/2021/25xxx/CVE-2021-25865.json new file mode 100644 index 00000000000..c9f801f0815 --- /dev/null +++ b/2021/25xxx/CVE-2021-25865.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25865", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25866.json b/2021/25xxx/CVE-2021-25866.json new file mode 100644 index 00000000000..fde5d398add --- /dev/null +++ b/2021/25xxx/CVE-2021-25866.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25866", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25867.json b/2021/25xxx/CVE-2021-25867.json new file mode 100644 index 00000000000..b1d2326e5a6 --- /dev/null +++ b/2021/25xxx/CVE-2021-25867.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25867", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25868.json b/2021/25xxx/CVE-2021-25868.json new file mode 100644 index 00000000000..36d7cd35c3f --- /dev/null +++ b/2021/25xxx/CVE-2021-25868.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25868", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25869.json b/2021/25xxx/CVE-2021-25869.json new file mode 100644 index 00000000000..84e6c047827 --- /dev/null +++ b/2021/25xxx/CVE-2021-25869.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25869", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25870.json b/2021/25xxx/CVE-2021-25870.json new file mode 100644 index 00000000000..48f0c585ed5 --- /dev/null +++ b/2021/25xxx/CVE-2021-25870.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25870", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25871.json b/2021/25xxx/CVE-2021-25871.json new file mode 100644 index 00000000000..b4023b2a73c --- /dev/null +++ b/2021/25xxx/CVE-2021-25871.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25871", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25872.json b/2021/25xxx/CVE-2021-25872.json new file mode 100644 index 00000000000..33679e21f32 --- /dev/null +++ b/2021/25xxx/CVE-2021-25872.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-25872", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/2xxx/CVE-2021-2054.json b/2021/2xxx/CVE-2021-2054.json index 92587c905b1..7eebc8286e1 100644 --- a/2021/2xxx/CVE-2021-2054.json +++ b/2021/2xxx/CVE-2021-2054.json @@ -72,6 +72,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-083/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-083/" } ] } diff --git a/2021/2xxx/CVE-2021-2073.json b/2021/2xxx/CVE-2021-2073.json index 7a781c968f3..abc5ddb3f55 100644 --- a/2021/2xxx/CVE-2021-2073.json +++ b/2021/2xxx/CVE-2021-2073.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2021/2xxx/CVE-2021-2074.json b/2021/2xxx/CVE-2021-2074.json index 2778dc61c29..5de23612fd9 100644 --- a/2021/2xxx/CVE-2021-2074.json +++ b/2021/2xxx/CVE-2021-2074.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2021/2xxx/CVE-2021-2111.json b/2021/2xxx/CVE-2021-2111.json index 2cef4590e10..fcc3df25d4a 100644 --- a/2021/2xxx/CVE-2021-2111.json +++ b/2021/2xxx/CVE-2021-2111.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2021/2xxx/CVE-2021-2112.json b/2021/2xxx/CVE-2021-2112.json index d56970cbfb5..f186f841366 100644 --- a/2021/2xxx/CVE-2021-2112.json +++ b/2021/2xxx/CVE-2021-2112.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2021/2xxx/CVE-2021-2119.json b/2021/2xxx/CVE-2021-2119.json index 68ee3e8f7f6..5b24e5df787 100644 --- a/2021/2xxx/CVE-2021-2119.json +++ b/2021/2xxx/CVE-2021-2119.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2021/2xxx/CVE-2021-2120.json b/2021/2xxx/CVE-2021-2120.json index 22b2dedb1fd..2f35b82d1e3 100644 --- a/2021/2xxx/CVE-2021-2120.json +++ b/2021/2xxx/CVE-2021-2120.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2021/2xxx/CVE-2021-2121.json b/2021/2xxx/CVE-2021-2121.json index 196f31d2741..91266cb606b 100644 --- a/2021/2xxx/CVE-2021-2121.json +++ b/2021/2xxx/CVE-2021-2121.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2021/2xxx/CVE-2021-2123.json b/2021/2xxx/CVE-2021-2123.json index 346c1397af1..49dd027e862 100644 --- a/2021/2xxx/CVE-2021-2123.json +++ b/2021/2xxx/CVE-2021-2123.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2021/2xxx/CVE-2021-2124.json b/2021/2xxx/CVE-2021-2124.json index 9ab5fb2c0a0..dd83cfbfe83 100644 --- a/2021/2xxx/CVE-2021-2124.json +++ b/2021/2xxx/CVE-2021-2124.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2021/2xxx/CVE-2021-2126.json b/2021/2xxx/CVE-2021-2126.json index 9c3cc3bdc2e..b60eaaa0d69 100644 --- a/2021/2xxx/CVE-2021-2126.json +++ b/2021/2xxx/CVE-2021-2126.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2021/2xxx/CVE-2021-2128.json b/2021/2xxx/CVE-2021-2128.json index a607de75331..9504ef056d5 100644 --- a/2021/2xxx/CVE-2021-2128.json +++ b/2021/2xxx/CVE-2021-2128.json @@ -64,6 +64,11 @@ "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2021.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202101-15", + "url": "https://security.gentoo.org/glsa/202101-15" } ] } diff --git a/2021/3xxx/CVE-2021-3193.json b/2021/3xxx/CVE-2021-3193.json index b1e7deff112..cab1cb6e04d 100644 --- a/2021/3xxx/CVE-2021-3193.json +++ b/2021/3xxx/CVE-2021-3193.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-3193", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-3193", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access and command validation in the Nagios Docker config wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.nagios.com/products/security/", + "refsource": "MISC", + "name": "https://www.nagios.com/products/security/" } ] } diff --git a/2021/3xxx/CVE-2021-3228.json b/2021/3xxx/CVE-2021-3228.json new file mode 100644 index 00000000000..724b8ee419a --- /dev/null +++ b/2021/3xxx/CVE-2021-3228.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3228", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3229.json b/2021/3xxx/CVE-2021-3229.json new file mode 100644 index 00000000000..3ab0e47d8a6 --- /dev/null +++ b/2021/3xxx/CVE-2021-3229.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3229", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3230.json b/2021/3xxx/CVE-2021-3230.json new file mode 100644 index 00000000000..3e13ee85317 --- /dev/null +++ b/2021/3xxx/CVE-2021-3230.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3230", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3231.json b/2021/3xxx/CVE-2021-3231.json new file mode 100644 index 00000000000..48a2501d840 --- /dev/null +++ b/2021/3xxx/CVE-2021-3231.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3231", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3232.json b/2021/3xxx/CVE-2021-3232.json new file mode 100644 index 00000000000..461e5a0b983 --- /dev/null +++ b/2021/3xxx/CVE-2021-3232.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3232", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3233.json b/2021/3xxx/CVE-2021-3233.json new file mode 100644 index 00000000000..72d1917f35d --- /dev/null +++ b/2021/3xxx/CVE-2021-3233.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3233", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3234.json b/2021/3xxx/CVE-2021-3234.json new file mode 100644 index 00000000000..c0c42ec1603 --- /dev/null +++ b/2021/3xxx/CVE-2021-3234.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3234", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3235.json b/2021/3xxx/CVE-2021-3235.json new file mode 100644 index 00000000000..6772991ac74 --- /dev/null +++ b/2021/3xxx/CVE-2021-3235.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3235", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3236.json b/2021/3xxx/CVE-2021-3236.json new file mode 100644 index 00000000000..622f0a52cbc --- /dev/null +++ b/2021/3xxx/CVE-2021-3236.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3236", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3237.json b/2021/3xxx/CVE-2021-3237.json new file mode 100644 index 00000000000..1b1ecf3e7c5 --- /dev/null +++ b/2021/3xxx/CVE-2021-3237.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3237", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3238.json b/2021/3xxx/CVE-2021-3238.json new file mode 100644 index 00000000000..4768aaaa1d3 --- /dev/null +++ b/2021/3xxx/CVE-2021-3238.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3238", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3239.json b/2021/3xxx/CVE-2021-3239.json new file mode 100644 index 00000000000..541a90fc428 --- /dev/null +++ b/2021/3xxx/CVE-2021-3239.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3239", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3240.json b/2021/3xxx/CVE-2021-3240.json new file mode 100644 index 00000000000..85b70c4de0b --- /dev/null +++ b/2021/3xxx/CVE-2021-3240.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3240", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3241.json b/2021/3xxx/CVE-2021-3241.json new file mode 100644 index 00000000000..cd35cf5b0c8 --- /dev/null +++ b/2021/3xxx/CVE-2021-3241.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3241", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3242.json b/2021/3xxx/CVE-2021-3242.json new file mode 100644 index 00000000000..e2e8f358014 --- /dev/null +++ b/2021/3xxx/CVE-2021-3242.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3242", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3271.json b/2021/3xxx/CVE-2021-3271.json new file mode 100644 index 00000000000..6a78cf0ed46 --- /dev/null +++ b/2021/3xxx/CVE-2021-3271.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-3271", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PressBooks 5.17.3 contains a cross-site scripting (XSS). Stored XSS can be submitted via the Book Info's Long Description Body, and all actions to open or preview the books page will result in the triggering the stored XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/pressbooks/pressbooks/pull/2072", + "refsource": "MISC", + "name": "https://github.com/pressbooks/pressbooks/pull/2072" + }, + { + "url": "https://github.com/pressbooks/pressbooks", + "refsource": "MISC", + "name": "https://github.com/pressbooks/pressbooks" + } + ] + } +} \ No newline at end of file