"-Synchronized-Data."

CVE Team 2021-10-05 18:00:58 +00:00
parent b9001495d7
commit 50347176f8
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
6 changed files with 439 additions and 406 deletions


@ -248,6 +248,11 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[cassandra-user] 20211004 Re: Vulnerability in libthrift library (CVE-2019-0205)", "name": "[cassandra-user] 20211004 Re: Vulnerability in libthrift library (CVE-2019-0205)",
"url": "https://lists.apache.org/thread.html/r92b7771afee2625209c36727fefdc77033964e9a1daa81ec3327e625@%3Cuser.cassandra.apache.org%3E" "url": "https://lists.apache.org/thread.html/r92b7771afee2625209c36727fefdc77033964e9a1daa81ec3327e625@%3Cuser.cassandra.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[cassandra-user] 20211005 Re: Vulnerability in libthrift library (CVE-2019-0205)",
"url": "https://lists.apache.org/thread.html/r53c03e1c979b9c628d0d65e0f49dd9a9f9d7572838727ad11b750575@%3Cuser.cassandra.apache.org%3E"
} }
] ]
}, },


@ -1,406 +1,406 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@tibco.com", "ASSIGNER": "security@tibco.com",
"DATE_PUBLIC": "2021-10-05T17:00:00Z", "DATE_PUBLIC": "2021-10-05T17:00:00Z",
"ID": "CVE-2021-35497", "ID": "CVE-2021-35497",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "TIBCO FTL unvalidated SAN in client certificates" "TITLE": "TIBCO FTL unvalidated SAN in client certificates"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "TIBCO ActiveSpaces - Community Edition", "product_name": "TIBCO ActiveSpaces - Community Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.3.0" "version_value": "4.3.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.4.0" "version_value": "4.4.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.5.0" "version_value": "4.5.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.6.0" "version_value": "4.6.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.6.1" "version_value": "4.6.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.6.2" "version_value": "4.6.2"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO ActiveSpaces - Developer Edition", "product_name": "TIBCO ActiveSpaces - Developer Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.3.0" "version_value": "4.3.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.4.0" "version_value": "4.4.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.5.0" "version_value": "4.5.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.6.0" "version_value": "4.6.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.6.1" "version_value": "4.6.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.6.2" "version_value": "4.6.2"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO ActiveSpaces - Enterprise Edition", "product_name": "TIBCO ActiveSpaces - Enterprise Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.3.0" "version_value": "4.3.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.4.0" "version_value": "4.4.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.5.0" "version_value": "4.5.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.6.0" "version_value": "4.6.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.6.1" "version_value": "4.6.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "4.6.2" "version_value": "4.6.2"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO FTL - Community Edition", "product_name": "TIBCO FTL - Community Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.2.0" "version_value": "6.2.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.0" "version_value": "6.3.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.1" "version_value": "6.3.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.4.0" "version_value": "6.4.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.5.0" "version_value": "6.5.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.0" "version_value": "6.6.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.1" "version_value": "6.6.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.7.0" "version_value": "6.7.0"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO FTL - Developer Edition", "product_name": "TIBCO FTL - Developer Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.2.0" "version_value": "6.2.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.0" "version_value": "6.3.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.1" "version_value": "6.3.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.4.0" "version_value": "6.4.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.5.0" "version_value": "6.5.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.0" "version_value": "6.6.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.1" "version_value": "6.6.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.7.0" "version_value": "6.7.0"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO FTL - Enterprise Edition", "product_name": "TIBCO FTL - Enterprise Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.2.0" "version_value": "6.2.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.0" "version_value": "6.3.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.1" "version_value": "6.3.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.4.0" "version_value": "6.4.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.5.0" "version_value": "6.5.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.0" "version_value": "6.6.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.1" "version_value": "6.6.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.7.0" "version_value": "6.7.0"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO eFTL - Community Edition", "product_name": "TIBCO eFTL - Community Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.2.0" "version_value": "6.2.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.0" "version_value": "6.3.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.1" "version_value": "6.3.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.4.0" "version_value": "6.4.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.5.0" "version_value": "6.5.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.0" "version_value": "6.6.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.1" "version_value": "6.6.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.7.0" "version_value": "6.7.0"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO eFTL - Developer Edition", "product_name": "TIBCO eFTL - Developer Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.2.0" "version_value": "6.2.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.0" "version_value": "6.3.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.1" "version_value": "6.3.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.4.0" "version_value": "6.4.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.5.0" "version_value": "6.5.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.0" "version_value": "6.6.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.1" "version_value": "6.6.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.7.0" "version_value": "6.7.0"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO eFTL - Enterprise Edition", "product_name": "TIBCO eFTL - Enterprise Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.2.0" "version_value": "6.2.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.0" "version_value": "6.3.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.3.1" "version_value": "6.3.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.4.0" "version_value": "6.4.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.5.0" "version_value": "6.5.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.0" "version_value": "6.6.0"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.6.1" "version_value": "6.6.1"
}, },
{ {
"version_affected": "=", "version_affected": "=",
"version_value": "6.7.0" "version_value": "6.7.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name": "TIBCO Software Inc." "vendor_name": "TIBCO Software Inc."
} }
] ]
} }
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
"data_version": "4.0", "data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, TIBCO ActiveSpaces - Enterprise Edition, TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contain a vulnerability that theoretically allows a non-administrative, authenticated FTL user to trick the affected components into creating illegitimate certificates. These maliciously generated certificates can be used to enable man-in-the-middle attacks or to escalate privileges so that the malicious user has administrative privileges.\n\nAffected releases are TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition: versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2, TIBCO ActiveSpaces - Developer Edition: versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2, TIBCO ActiveSpaces - Enterprise Edition: versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2, TIBCO FTL - Community Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0, TIBCO FTL - Developer Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0, TIBCO FTL - Enterprise Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0, TIBCO eFTL - Community Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0, TIBCO eFTL - Developer Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0, and TIBCO eFTL - Enterprise Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0.\n" "value": "The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, TIBCO ActiveSpaces - Enterprise Edition, TIBCO FTL - Community Edition, TIBCO FTL 
- Developer Edition, TIBCO FTL - Enterprise Edition, TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contain a vulnerability that theoretically allows a non-administrative, authenticated FTL user to trick the affected components into creating illegitimate certificates. These maliciously generated certificates can be used to enable man-in-the-middle attacks or to escalate privileges so that the malicious user has administrative privileges. Affected releases are TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition: versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2, TIBCO ActiveSpaces - Developer Edition: versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2, TIBCO ActiveSpaces - Enterprise Edition: versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2, TIBCO FTL - Community Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0, TIBCO FTL - Developer Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0, TIBCO FTL - Enterprise Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0, TIBCO eFTL - Community Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0, TIBCO eFTL - Developer Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0, and TIBCO eFTL - Enterprise Edition: versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0."
} }
] ]
}, },
"impact": { "impact": {
"cvss": { "cvss": {
"attackComplexity": "LOW", "attackComplexity": "LOW",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"availabilityImpact": "HIGH", "availabilityImpact": "HIGH",
"baseScore": 7.5, "baseScore": 7.5,
"baseSeverity": "HIGH", "baseSeverity": "HIGH",
"confidentialityImpact": "HIGH", "confidentialityImpact": "HIGH",
"integrityImpact": "HIGH", "integrityImpact": "HIGH",
"privilegesRequired": "LOW", "privilegesRequired": "LOW",
"scope": "CHANGED", "scope": "CHANGED",
"userInteraction": "REQUIRED", "userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0" "version": "3.0"
} }
}, },
"problemtype": { "problemtype": {
"problemtype_data": [ "problemtype_data": [
{ {
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "The impact of this vulnerability includes the theoretical possibility that a malicious non-administrative user can gain full administrative access to the affected system." "value": "The impact of this vulnerability includes the theoretical possibility that a malicious non-administrative user can gain full administrative access to the affected system."
} }
] ]
} }
] ]
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://www.tibco.com/services/support/advisories", "name": "https://www.tibco.com/services/support/advisories",
"refsource": "CONFIRM", "refsource": "CONFIRM",
"url": "https://www.tibco.com/services/support/advisories" "url": "https://www.tibco.com/services/support/advisories"
} }
] ]
}, },
"solution": [ "solution": [
{ {
"lang": "eng", "lang": "eng",
"value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO ActiveSpaces - Community Edition versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2 update to version 4.7.0 or later\nTIBCO ActiveSpaces - Developer Edition versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2 update to version 4.7.0 or later\nTIBCO ActiveSpaces - Enterprise Edition versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2 update to version 4.7.0 or later\nTIBCO FTL - Community Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 update to version 6.7.1 or later\nTIBCO FTL - Developer Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 update to version 6.7.1 or later\nTIBCO FTL - Enterprise Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 update to version 6.7.1 or later\nTIBCO eFTL - Community Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 update to version 6.7.1 or later\nTIBCO eFTL - Developer Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 update to version 6.7.1 or later\nTIBCO eFTL - Enterprise Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 update to version 6.7.1 or later" "value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO ActiveSpaces - Community Edition versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2 update to version 4.7.0 or later\nTIBCO ActiveSpaces - Developer Edition versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2 update to version 4.7.0 or later\nTIBCO ActiveSpaces - Enterprise Edition versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.6.1, and 4.6.2 update to version 4.7.0 or later\nTIBCO FTL - Community Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 update to version 6.7.1 or later\nTIBCO FTL - Developer Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 
update to version 6.7.1 or later\nTIBCO FTL - Enterprise Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 update to version 6.7.1 or later\nTIBCO eFTL - Community Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 update to version 6.7.1 or later\nTIBCO eFTL - Developer Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 update to version 6.7.1 or later\nTIBCO eFTL - Enterprise Edition versions 6.2.0, 6.3.0, 6.3.1, 6.4.0, 6.5.0, 6.6.0, 6.6.1, and 6.7.0 update to version 6.7.1 or later"
} }
], ],
"source": { "source": {
"discovery": "INTERNAL" "discovery": "INTERNAL"
} }
} }
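Review bot: The `impact.cvss` block of this rewritten CVE-2021-35497 record is internally inconsistent: `vectorString` carries the `CVSS:3.1` prefix while `version` is `"3.0"`, and the stated `baseScore` of 7.5 with `baseSeverity` `HIGH` does not appear to match that vector, which by the v3.1 formula (`PR:L/UI:R/S:C/C:H/I:H/A:H`) seems to work out to 9.0. Consumers that rank patching by `baseScore` would under-prioritise an issue the description says can end in administrative privileges, so I would set `"version": "3.1"` and confirm the score against the vendor advisory before correcting it. The `problemtype` value is an impact sentence rather than a weakness class, so CWE-based filters will not match this record. The `TITLE` mentions an unvalidated SAN in client certificates, but the description never does; one clause tying the two together would help readers triage.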


@ -123,6 +123,11 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[debian-lts-announce] 20210929 [SECURITY] [DLA 2768-1] uwsgi security update", "name": "[debian-lts-announce] 20210929 [SECURITY] [DLA 2768-1] uwsgi security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00016.html" "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00016.html"
},
{
"refsource": "MLIST",
"name": "[httpd-bugs] 20211005 [Bug 65616] New: CVE-2021-36160 regression",
"url": "https://lists.apache.org/thread.html/ra1c05a392587bfe34383dffe1213edc425de8d4afc25b7cefab3e781@%3Cbugs.httpd.apache.org%3E"
} }
] ]
}, },


@ -76,6 +76,11 @@
"refsource": "FEDORA", "refsource": "FEDORA",
"name": "FEDORA-2021-a381a721a9", "name": "FEDORA-2021-a381a721a9",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/57OJA2K5AHX5HAU2QBDRWLGIIUX7GASC/" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/57OJA2K5AHX5HAU2QBDRWLGIIUX7GASC/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-6788250ea4",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VJYOZGWI7TD27SEXILSM6VUTPPEICDL7/"
} }
] ]
} }


@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface is vulnerable to cross-site-request-forgery. The impact is the same as described in TYPO3-CORE-SA-2020-006 (CVE-2020-11069). However, it is not limited to the same site context and does not require the attacker to be authenticated. In a worst case scenario, the attacker could create a new admin user account to compromise the system. To successfully carry out an attack, an attacker must trick his victim to access a compromised system. The victim must have an active session in the TYPO3 backend at that time. The following Same-Site cookie settings in $GLOBALS[TYPO3_CONF_VARS][BE][cookieSameSite] are required for an attack to be successful: SameSite=strict: malicious evil.example.org invoking TYPO3 application at good.example.org and SameSite=lax or none: malicious evil.com invoking TYPO3 application at example.org. Update your instance to TYPO3 version 11.5.0 which addresses the problem described.\n" "value": "TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that the new TYPO3 v11 feature that allows users to create and share deep links in the backend user interface is vulnerable to cross-site-request-forgery. The impact is the same as described in TYPO3-CORE-SA-2020-006 (CVE-2020-11069). However, it is not limited to the same site context and does not require the attacker to be authenticated. In a worst case scenario, the attacker could create a new admin user account to compromise the system. To successfully carry out an attack, an attacker must trick his victim to access a compromised system. The victim must have an active session in the TYPO3 backend at that time. 
The following Same-Site cookie settings in $GLOBALS[TYPO3_CONF_VARS][BE][cookieSameSite] are required for an attack to be successful: SameSite=strict: malicious evil.example.org invoking TYPO3 application at good.example.org and SameSite=lax or none: malicious evil.com invoking TYPO3 application at example.org. Update your instance to TYPO3 version 11.5.0 which addresses the problem described."
} }
] ]
}, },


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42010",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}