From 5107a44b288a10b213c6693cb33df21bda3bbd16 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 19 Apr 2021 19:00:42 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/24xxx/CVE-2020-24994.json | 12 ++++++- 2021/26xxx/CVE-2021-26560.json | 7 +++- 2021/26xxx/CVE-2021-26561.json | 7 +++- 2021/26xxx/CVE-2021-26562.json | 7 +++- 2021/29xxx/CVE-2021-29457.json | 10 +++--- 2021/29xxx/CVE-2021-29458.json | 10 +++--- 2021/31xxx/CVE-2021-31254.json | 61 ++++++++++++++++++++++++++++++---- 2021/31xxx/CVE-2021-31255.json | 61 ++++++++++++++++++++++++++++++---- 2021/31xxx/CVE-2021-31256.json | 61 ++++++++++++++++++++++++++++++---- 2021/31xxx/CVE-2021-31257.json | 61 ++++++++++++++++++++++++++++++---- 2021/31xxx/CVE-2021-31258.json | 61 ++++++++++++++++++++++++++++++---- 2021/31xxx/CVE-2021-31259.json | 61 ++++++++++++++++++++++++++++++---- 2021/31xxx/CVE-2021-31260.json | 61 ++++++++++++++++++++++++++++++---- 2021/31xxx/CVE-2021-31261.json | 61 ++++++++++++++++++++++++++++++---- 2021/31xxx/CVE-2021-31262.json | 61 ++++++++++++++++++++++++++++++---- 2021/3xxx/CVE-2021-3506.json | 18 ++++++++++ 2021/3xxx/CVE-2021-3507.json | 18 ++++++++++ 17 files changed, 570 insertions(+), 68 deletions(-) create mode 100644 2021/3xxx/CVE-2021-3506.json create mode 100644 2021/3xxx/CVE-2021-3507.json diff --git a/2020/24xxx/CVE-2020-24994.json b/2020/24xxx/CVE-2020-24994.json index 12121a52f6b..6ae40ffe30a 100644 --- a/2020/24xxx/CVE-2020-24994.json +++ b/2020/24xxx/CVE-2020-24994.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.14.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file." + "value": "Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file." } ] }, @@ -61,6 +61,16 @@ "refsource": "MISC", "name": "https://github.com/libass/libass/issues/423", "url": "https://github.com/libass/libass/issues/423" + }, + { + "refsource": "MISC", + "name": "https://github.com/libass/libass/issues/422#issuecomment-806002919", + "url": "https://github.com/libass/libass/issues/422#issuecomment-806002919" + }, + { + "refsource": "MISC", + "name": "https://github.com/libass/libass/commit/6835731c2fe4164a0c50bc91d12c43b2a2b4e", + "url": "https://github.com/libass/libass/commit/6835731c2fe4164a0c50bc91d12c43b2a2b4e" } ] } diff --git a/2021/26xxx/CVE-2021-26560.json b/2021/26xxx/CVE-2021-26560.json index 42425b49ee8..37e1555734b 100644 --- a/2021/26xxx/CVE-2021-26560.json +++ b/2021/26xxx/CVE-2021-26560.json @@ -65,7 +65,12 @@ "name": "https://www.synology.com/security/advisory/Synology_SA_20_26", "refsource": "CONFIRM", "url": "https://www.synology.com/security/advisory/Synology_SA_20_26" + }, + { + "refsource": "MISC", + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1159", + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1159" } ] } -} +} \ No newline at end of file diff --git a/2021/26xxx/CVE-2021-26561.json b/2021/26xxx/CVE-2021-26561.json index e76d18d84cd..1cda73da019 100644 --- a/2021/26xxx/CVE-2021-26561.json +++ b/2021/26xxx/CVE-2021-26561.json @@ -65,7 +65,12 @@ "name": "https://www.synology.com/security/advisory/Synology_SA_20_26", "refsource": "CONFIRM", "url": "https://www.synology.com/security/advisory/Synology_SA_20_26" + }, + { + "refsource": "MISC", + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1159", + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1159" } ] } -} +} \ No newline at end of file diff --git a/2021/26xxx/CVE-2021-26562.json b/2021/26xxx/CVE-2021-26562.json index 14dde95c499..e0ff1aa2490 100644 --- a/2021/26xxx/CVE-2021-26562.json +++ b/2021/26xxx/CVE-2021-26562.json @@ -65,7 +65,12 @@ "name": "https://www.synology.com/security/advisory/Synology_SA_20_26", "refsource": "CONFIRM", "url": "https://www.synology.com/security/advisory/Synology_SA_20_26" + }, + { + "refsource": "MISC", + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1159", + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1159" } ] } -} +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29457.json b/2021/29xxx/CVE-2021-29457.json index ed87430083a..9dd9314fcb0 100644 --- a/2021/29xxx/CVE-2021-29457.json +++ b/2021/29xxx/CVE-2021-29457.json @@ -53,16 +53,16 @@ }, "references": { "reference_data": [ - { - "name": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-v74w-h496-cgqm", - "refsource": "CONFIRM", - "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-v74w-h496-cgqm" - }, { "name": "https://github.com/Exiv2/exiv2/issues/1529", "refsource": "MISC", "url": "https://github.com/Exiv2/exiv2/issues/1529" }, + { + "name": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-v74w-h496-cgqm", + "refsource": "CONFIRM", + "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-v74w-h496-cgqm" + }, { "name": "https://github.com/Exiv2/exiv2/pull/1534", "refsource": "MISC", diff --git a/2021/29xxx/CVE-2021-29458.json b/2021/29xxx/CVE-2021-29458.json index 6c79a3392cf..3bab0c73660 100644 --- a/2021/29xxx/CVE-2021-29458.json +++ b/2021/29xxx/CVE-2021-29458.json @@ -53,16 +53,16 @@ }, "references": { "reference_data": [ - { - "name": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-57jj-75fm-9rq5", - "refsource": "CONFIRM", - "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-57jj-75fm-9rq5" - }, { "name": "https://github.com/Exiv2/exiv2/issues/1530", "refsource": "MISC", "url": "https://github.com/Exiv2/exiv2/issues/1530" }, + { + "name": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-57jj-75fm-9rq5", + "refsource": "CONFIRM", + "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-57jj-75fm-9rq5" + }, { "name": "https://github.com/Exiv2/exiv2/pull/1536", "refsource": "MISC", diff --git a/2021/31xxx/CVE-2021-31254.json b/2021/31xxx/CVE-2021-31254.json index 6478283ee63..b45e69deb3d 100644 --- a/2021/31xxx/CVE-2021-31254.json +++ b/2021/31xxx/CVE-2021-31254.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-31254", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-31254", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gpac/gpac/issues/1703", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/1703" + }, + { + "url": "https://github.com/gpac/gpac/commit/8986422c21fbd9a7bf6561cae65aae42077447e8", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/commit/8986422c21fbd9a7bf6561cae65aae42077447e8" } ] } diff --git a/2021/31xxx/CVE-2021-31255.json b/2021/31xxx/CVE-2021-31255.json index 81dfe5b2415..d67013116d0 100644 --- a/2021/31xxx/CVE-2021-31255.json +++ b/2021/31xxx/CVE-2021-31255.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-31255", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-31255", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/1733", + "url": "https://github.com/gpac/gpac/issues/1733" + }, + { + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/commit/758135e91e623d7dfe7f6aaad7aeb3f791b7a4e5", + "url": "https://github.com/gpac/gpac/commit/758135e91e623d7dfe7f6aaad7aeb3f791b7a4e5" } ] } diff --git a/2021/31xxx/CVE-2021-31256.json b/2021/31xxx/CVE-2021-31256.json index 206e3a01487..a7f37cb3e1e 100644 --- a/2021/31xxx/CVE-2021-31256.json +++ b/2021/31xxx/CVE-2021-31256.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-31256", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-31256", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gpac/gpac/issues/1705", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/1705" + }, + { + "url": "https://github.com/gpac/gpac/commit/2da2f68bffd51d89b1d272d22aa8cc023c1c066e", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/commit/2da2f68bffd51d89b1d272d22aa8cc023c1c066e" } ] } diff --git a/2021/31xxx/CVE-2021-31257.json b/2021/31xxx/CVE-2021-31257.json index 90d6f1a2d84..9eed26bd8df 100644 --- a/2021/31xxx/CVE-2021-31257.json +++ b/2021/31xxx/CVE-2021-31257.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-31257", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-31257", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The HintFile function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gpac/gpac/issues/1734", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/1734" + }, + { + "url": "https://github.com/gpac/gpac/commit/87afe070cd6866df7fe80f11b26ef75161de85e0", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/commit/87afe070cd6866df7fe80f11b26ef75161de85e0" } ] } diff --git a/2021/31xxx/CVE-2021-31258.json b/2021/31xxx/CVE-2021-31258.json index 11beff5ea2a..418bc1c4cb5 100644 --- a/2021/31xxx/CVE-2021-31258.json +++ b/2021/31xxx/CVE-2021-31258.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-31258", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-31258", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gpac/gpac/issues/1706", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/1706" + }, + { + "url": "https://github.com/gpac/gpac/commit/ebfa346eff05049718f7b80041093b4c5581c24e", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/commit/ebfa346eff05049718f7b80041093b4c5581c24e" } ] } diff --git a/2021/31xxx/CVE-2021-31259.json b/2021/31xxx/CVE-2021-31259.json index 425c4b841f8..f9f5603ec1d 100644 --- a/2021/31xxx/CVE-2021-31259.json +++ b/2021/31xxx/CVE-2021-31259.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-31259", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-31259", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The gf_isom_cenc_get_default_info_internal function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gpac/gpac/issues/1735", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/1735" + }, + { + "url": "https://github.com/gpac/gpac/commit/3b84ffcbacf144ce35650df958432f472b6483f8", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/commit/3b84ffcbacf144ce35650df958432f472b6483f8" } ] } diff --git a/2021/31xxx/CVE-2021-31260.json b/2021/31xxx/CVE-2021-31260.json index 097a777ee09..8bef3e24041 100644 --- a/2021/31xxx/CVE-2021-31260.json +++ b/2021/31xxx/CVE-2021-31260.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-31260", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-31260", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gpac/gpac/issues/1736", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/1736" + }, + { + "url": "https://github.com/gpac/gpac/commit/df8fffd839fe5ae9acd82d26fd48280a397411d9", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/commit/df8fffd839fe5ae9acd82d26fd48280a397411d9" } ] } diff --git a/2021/31xxx/CVE-2021-31261.json b/2021/31xxx/CVE-2021-31261.json index 076197a13c5..6b1168340ad 100644 --- a/2021/31xxx/CVE-2021-31261.json +++ b/2021/31xxx/CVE-2021-31261.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-31261", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-31261", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to read memory via a crafted file in the MP4Box command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gpac/gpac/issues/1737", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/1737" + }, + { + "url": "https://github.com/gpac/gpac/commit/cd3738dea038dbd12e603ad48cd7373ae0440f65", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/commit/cd3738dea038dbd12e603ad48cd7373ae0440f65" } ] } diff --git a/2021/31xxx/CVE-2021-31262.json b/2021/31xxx/CVE-2021-31262.json index d66aa87fb4a..8bff6d2965c 100644 --- a/2021/31xxx/CVE-2021-31262.json +++ b/2021/31xxx/CVE-2021-31262.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-31262", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-31262", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gpac/gpac/issues/1738", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/1738" + }, + { + "url": "https://github.com/gpac/gpac/commit/b2eab95e07cb5819375a50358d4806a8813b6e50", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/commit/b2eab95e07cb5819375a50358d4806a8813b6e50" } ] } diff --git a/2021/3xxx/CVE-2021-3506.json b/2021/3xxx/CVE-2021-3506.json new file mode 100644 index 00000000000..3f3ff5e7b88 --- /dev/null +++ b/2021/3xxx/CVE-2021-3506.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3506", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3507.json b/2021/3xxx/CVE-2021-3507.json new file mode 100644 index 00000000000..82f2582f724 --- /dev/null +++ b/2021/3xxx/CVE-2021-3507.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3507", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file