Auto-merge PR#4930

2025-06-10 02:04:31 +00:00 · 2020-09-29 14:55:13 -04:00 · 2020-09-29 14:55:13 -04:00 · 52f824fd60
commit 52f824fd60
parent 1ead9c044e 010a8f4dd9
1 changed files with 15 additions and 9 deletions
--- a/2019/2xxx/CVE-2019-2390.json
+++ b/2019/2xxx/CVE-2019-2390.json
@ -9,7 +9,6 @@
        "vendor": {
            "vendor_data": [
                {
-                    "vendor_name": "MongoDB Inc.",
                    "product": {
                        "product_data": [
                            {
@ -17,19 +16,26 @@
                                "version": {
                                    "version_data": [
                                        {
-                                            "version_value": "4.0 prior to 4.0.11"
+                                            "version_affected": "<",
+                                            "version_name": "4.0",
+                                            "version_value": "4.0.11"
                                        },
                                        {
-                                            "version_value": "3.6 prior to 3.6.14"
+                                            "version_affected": "<",
+                                            "version_name": "3.6",
+                                            "version_value": "3.6.14"
                                        },
                                        {
-                                            "version_value": "3.4 prior to 3.4.22"
+                                            "version_affected": "<",
+                                            "version_name": "3.4",
+                                            "version_value": "3.4.22"
                                        }
                                    ]
                                }
                            }
                        ]
-                    }
+                    },
+                    "vendor_name": "MongoDB Inc."
                }
            ]
        }
@ -47,12 +53,12 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server versions less than 4.0.11, 3.6.14, and 3.4.22 to run attacker defined code as the user running the utility."
+                "value": "An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server to run attacker defined code as the user running the utility. This issue affects: MongoDB Inc. MongoDB Server 4.0 prior to 4.0.11; 3.6 prior to 3.6.14; 3.4 prior to 3.4.22."
            }
        ]
    },
    "generator": {
-        "engine": "Vulnogram 0.0.6"
+        "engine": "Vulnogram 0.0.9"
    },
    "impact": {
        "cvss": {
@ -66,8 +72,8 @@
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
-            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
-            "version": "3.0"
+            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
+            "version": "3.1"
        }
    },
    "problemtype": {