From 50e1c52fddda9a76d906a8a710492e49dc9d55f2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 17 Oct 2022 18:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/10xxx/CVE-2016-10228.json | 5 ++ 2019/19xxx/CVE-2019-19126.json | 5 ++ 2019/25xxx/CVE-2019-25013.json | 5 ++ 2020/10xxx/CVE-2020-10029.json | 5 ++ 2020/1xxx/CVE-2020-1752.json | 5 ++ 2020/27xxx/CVE-2020-27618.json | 5 ++ 2020/6xxx/CVE-2020-6096.json | 5 ++ 2021/27xxx/CVE-2021-27645.json | 5 ++ 2021/33xxx/CVE-2021-33574.json | 5 ++ 2021/35xxx/CVE-2021-35942.json | 5 ++ 2021/3xxx/CVE-2021-3326.json | 5 ++ 2021/3xxx/CVE-2021-3999.json | 5 ++ 2022/23xxx/CVE-2022-23218.json | 5 ++ 2022/23xxx/CVE-2022-23219.json | 5 ++ 2022/26xxx/CVE-2022-26375.json | 93 +++++++++++++++++++++++++++++++--- 2022/3xxx/CVE-2022-3559.json | 12 +++-- 2022/3xxx/CVE-2022-3561.json | 18 +++++++ 2022/3xxx/CVE-2022-3562.json | 18 +++++++ 2022/3xxx/CVE-2022-3563.json | 18 +++++++ 2022/3xxx/CVE-2022-3564.json | 18 +++++++ 2022/3xxx/CVE-2022-3565.json | 18 +++++++ 2022/3xxx/CVE-2022-3566.json | 18 +++++++ 2022/3xxx/CVE-2022-3567.json | 18 +++++++ 2022/40xxx/CVE-2022-40055.json | 66 +++++++++++++++++++++--- 2022/41xxx/CVE-2022-41751.json | 66 +++++++++++++++++++++--- 2022/42xxx/CVE-2022-42029.json | 56 +++++++++++++++++--- 26 files changed, 461 insertions(+), 28 deletions(-) create mode 100644 2022/3xxx/CVE-2022-3561.json create mode 100644 2022/3xxx/CVE-2022-3562.json create mode 100644 2022/3xxx/CVE-2022-3563.json create mode 100644 2022/3xxx/CVE-2022-3564.json create mode 100644 2022/3xxx/CVE-2022-3565.json create mode 100644 2022/3xxx/CVE-2022-3566.json create mode 100644 2022/3xxx/CVE-2022-3567.json diff --git a/2016/10xxx/CVE-2016-10228.json b/2016/10xxx/CVE-2016-10228.json index b82f1f800bb..658ee6b856c 100644 --- a/2016/10xxx/CVE-2016-10228.json +++ b/2016/10xxx/CVE-2016-10228.json @@ -91,6 +91,11 @@ "refsource": "CONFIRM", "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] } diff --git a/2019/19xxx/CVE-2019-19126.json b/2019/19xxx/CVE-2019-19126.json index 86dd2a7a1c2..487ed0db7f1 100644 --- a/2019/19xxx/CVE-2019-19126.json +++ b/2019/19xxx/CVE-2019-19126.json @@ -71,6 +71,11 @@ "refsource": "UBUNTU", "name": "USN-4416-1", "url": "https://usn.ubuntu.com/4416-1/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] } diff --git a/2019/25xxx/CVE-2019-25013.json b/2019/25xxx/CVE-2019-25013.json index 32aedebf292..41aaf0cb727 100644 --- a/2019/25xxx/CVE-2019-25013.json +++ b/2019/25xxx/CVE-2019-25013.json @@ -131,6 +131,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210205-0004/", "url": "https://security.netapp.com/advisory/ntap-20210205-0004/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] } diff --git a/2020/10xxx/CVE-2020-10029.json b/2020/10xxx/CVE-2020-10029.json index af520bdd9f6..f3d54e102fa 100644 --- a/2020/10xxx/CVE-2020-10029.json +++ b/2020/10xxx/CVE-2020-10029.json @@ -96,6 +96,11 @@ "refsource": "UBUNTU", "name": "USN-4416-1", "url": "https://usn.ubuntu.com/4416-1/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] } diff --git a/2020/1xxx/CVE-2020-1752.json b/2020/1xxx/CVE-2020-1752.json index 9e7ee5fff69..2bbfdde8931 100644 --- a/2020/1xxx/CVE-2020-1752.json +++ b/2020/1xxx/CVE-2020-1752.json @@ -86,6 +86,11 @@ "refsource": "MLIST", "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] }, diff --git a/2020/27xxx/CVE-2020-27618.json b/2020/27xxx/CVE-2020-27618.json index 86d3f0f934e..206f8fd9e7d 100644 --- a/2020/27xxx/CVE-2020-27618.json +++ b/2020/27xxx/CVE-2020-27618.json @@ -81,6 +81,11 @@ "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] } diff --git a/2020/6xxx/CVE-2020-6096.json b/2020/6xxx/CVE-2020-6096.json index 88c26296892..1ac4c183391 100644 --- a/2020/6xxx/CVE-2020-6096.json +++ b/2020/6xxx/CVE-2020-6096.json @@ -73,6 +73,11 @@ "refsource": "MISC", "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] }, diff --git a/2021/27xxx/CVE-2021-27645.json b/2021/27xxx/CVE-2021-27645.json index f27bffd63a2..65bb5d92755 100644 --- a/2021/27xxx/CVE-2021-27645.json +++ b/2021/27xxx/CVE-2021-27645.json @@ -71,6 +71,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-07", "url": "https://security.gentoo.org/glsa/202107-07" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] } diff --git a/2021/33xxx/CVE-2021-33574.json b/2021/33xxx/CVE-2021-33574.json index 398dad8c722..51211be1b2b 100644 --- a/2021/33xxx/CVE-2021-33574.json +++ b/2021/33xxx/CVE-2021-33574.json @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-f29b4643c7", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] } diff --git a/2021/35xxx/CVE-2021-35942.json b/2021/35xxx/CVE-2021-35942.json index b99962ab5b0..92bf1fe98da 100644 --- a/2021/35xxx/CVE-2021-35942.json +++ b/2021/35xxx/CVE-2021-35942.json @@ -76,6 +76,11 @@ "refsource": "GENTOO", "name": "GLSA-202208-24", "url": "https://security.gentoo.org/glsa/202208-24" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] } diff --git a/2021/3xxx/CVE-2021-3326.json b/2021/3xxx/CVE-2021-3326.json index 3032238bb0b..d7d6db5f809 100644 --- a/2021/3xxx/CVE-2021-3326.json +++ b/2021/3xxx/CVE-2021-3326.json @@ -86,6 +86,11 @@ "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] } diff --git a/2021/3xxx/CVE-2021-3999.json b/2021/3xxx/CVE-2021-3999.json index 22dc424e826..d364a8dbdb5 100644 --- a/2021/3xxx/CVE-2021-3999.json +++ b/2021/3xxx/CVE-2021-3999.json @@ -73,6 +73,11 @@ "refsource": "MISC", "name": "https://security-tracker.debian.org/tracker/CVE-2021-3999", "url": "https://security-tracker.debian.org/tracker/CVE-2021-3999" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] }, diff --git a/2022/23xxx/CVE-2022-23218.json b/2022/23xxx/CVE-2022-23218.json index 92aa624ad17..12b5e7ef4b6 100644 --- a/2022/23xxx/CVE-2022-23218.json +++ b/2022/23xxx/CVE-2022-23218.json @@ -66,6 +66,11 @@ "refsource": "GENTOO", "name": "GLSA-202208-24", "url": "https://security.gentoo.org/glsa/202208-24" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] } diff --git a/2022/23xxx/CVE-2022-23219.json b/2022/23xxx/CVE-2022-23219.json index f60fa04e455..0561d8b1793 100644 --- a/2022/23xxx/CVE-2022-23219.json +++ b/2022/23xxx/CVE-2022-23219.json @@ -66,6 +66,11 @@ "refsource": "GENTOO", "name": "GLSA-202208-24", "url": "https://security.gentoo.org/glsa/202208-24" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" } ] } diff --git a/2022/26xxx/CVE-2022-26375.json b/2022/26xxx/CVE-2022-26375.json index 31db37e30a0..78cbc1ea0fb 100644 --- a/2022/26xxx/CVE-2022-26375.json +++ b/2022/26xxx/CVE-2022-26375.json @@ -1,18 +1,99 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "audit@patchstack.com", + "DATE_PUBLIC": "2022-10-12T16:31:00.000Z", "ID": "CVE-2022-26375", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "WordPress AB Press Optimizer plugin <= 1.1.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "AB Press Optimizer (WordPress plugin)", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "<= 1.1.1", + "version_value": "1.1.1" + } + ] + } + } + ] + }, + "vendor_name": "Mammothology" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Vulnerability discovered by ptsfence (Patchstack Alliance)" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mammothology AB Press Optimizer plugin <= 1.1.1 on WordPress." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://patchstack.com/database/vulnerability/ab-press-optimizer-lite/wordpress-ab-press-optimizer-plugin-1-1-1-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "CONFIRM", + "url": "https://patchstack.com/database/vulnerability/ab-press-optimizer-lite/wordpress-ab-press-optimizer-plugin-1-1-1-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve" + }, + { + "name": "https://wordpress.org/plugins/ab-press-optimizer-lite/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/ab-press-optimizer-lite/" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3559.json b/2022/3xxx/CVE-2022-3559.json index 8704bf0f688..c21c90fd268 100644 --- a/2022/3xxx/CVE-2022-3559.json +++ b/2022/3xxx/CVE-2022-3559.json @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "5.5", - "vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L" + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } }, "references": { "reference_data": [ { - "url": "https:\/\/git.exim.org\/exim.git\/commit\/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2" + "url": "https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2", + "refsource": "MISC", + "name": "https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2" }, { - "url": "https:\/\/vuldb.com\/?id.211073" + "url": "https://vuldb.com/?id.211073", + "refsource": "MISC", + "name": "https://vuldb.com/?id.211073" } ] } diff --git a/2022/3xxx/CVE-2022-3561.json b/2022/3xxx/CVE-2022-3561.json new file mode 100644 index 00000000000..709bff227cd --- /dev/null +++ b/2022/3xxx/CVE-2022-3561.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3561", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3562.json b/2022/3xxx/CVE-2022-3562.json new file mode 100644 index 00000000000..575f4dc44eb --- /dev/null +++ b/2022/3xxx/CVE-2022-3562.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3562", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3563.json b/2022/3xxx/CVE-2022-3563.json new file mode 100644 index 00000000000..9fb3d184409 --- /dev/null +++ b/2022/3xxx/CVE-2022-3563.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3563", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3564.json b/2022/3xxx/CVE-2022-3564.json new file mode 100644 index 00000000000..18fc1b6a0f6 --- /dev/null +++ b/2022/3xxx/CVE-2022-3564.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3564", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3565.json b/2022/3xxx/CVE-2022-3565.json new file mode 100644 index 00000000000..521b5398bc1 --- /dev/null +++ b/2022/3xxx/CVE-2022-3565.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3565", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3566.json b/2022/3xxx/CVE-2022-3566.json new file mode 100644 index 00000000000..5947b2cf7ce --- /dev/null +++ b/2022/3xxx/CVE-2022-3566.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3566", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3567.json b/2022/3xxx/CVE-2022-3567.json new file mode 100644 index 00000000000..067b264576c --- /dev/null +++ b/2022/3xxx/CVE-2022-3567.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3567", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40055.json b/2022/40xxx/CVE-2022-40055.json index 399a9734da4..c7183d343e2 100644 --- a/2022/40xxx/CVE-2022-40055.json +++ b/2022/40xxx/CVE-2022-40055.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-40055", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-40055", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in GX Group GPON ONT Titanium 2122A T2122-V1.26EXL allows attackers to escalate privileges via a brute force attack at the login page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://gpon.com", + "refsource": "MISC", + "name": "http://gpon.com" + }, + { + "url": "http://gx.com", + "refsource": "MISC", + "name": "http://gx.com" + }, + { + "refsource": "MISC", + "name": "https://blog.alphathreat.in/index.php?post/2022/10/01/Achieving-CVE-2022-40055", + "url": "https://blog.alphathreat.in/index.php?post/2022/10/01/Achieving-CVE-2022-40055" } ] } diff --git a/2022/41xxx/CVE-2022-41751.json b/2022/41xxx/CVE-2022-41751.json index f0e1862b147..0116b7e3675 100644 --- a/2022/41xxx/CVE-2022-41751.json +++ b/2022/41xxx/CVE-2022-41751.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-41751", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-41751", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Matthias-Wandel/jhead", + "refsource": "MISC", + "name": "https://github.com/Matthias-Wandel/jhead" + }, + { + "url": "https://github.com/Matthias-Wandel/jhead/blob/63ce118c6a59ea64ac357236a11a47aaf569d622/jhead.c#L788", + "refsource": "MISC", + "name": "https://github.com/Matthias-Wandel/jhead/blob/63ce118c6a59ea64ac357236a11a47aaf569d622/jhead.c#L788" + }, + { + "refsource": "MISC", + "name": "https://github.com/Matthias-Wandel/jhead/pull/57", + "url": "https://github.com/Matthias-Wandel/jhead/pull/57" } ] } diff --git a/2022/42xxx/CVE-2022-42029.json b/2022/42xxx/CVE-2022-42029.json index 364e6a09df4..9e71dd290c2 100644 --- a/2022/42xxx/CVE-2022-42029.json +++ b/2022/42xxx/CVE-2022-42029.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-42029", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-42029", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Chamilo 1.11.16 is affected by an authenticated local file inclusion vulnerability which allows authenticated users with access to 'big file uploads' to copy/move files from anywhere in the file system into the web directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-95-2022-09-14-High-impact-Moderate-risk-Authenticated-Local-file-inclusion", + "refsource": "MISC", + "name": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-95-2022-09-14-High-impact-Moderate-risk-Authenticated-Local-file-inclusion" } ] }