From 548e236b75f4feac998b13a93ff01af413140e83 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 15 Jul 2020 21:01:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/13xxx/CVE-2020-13788.json | 66 ++++++++++++++++++++++++++--- 2020/14xxx/CVE-2020-14982.json | 61 ++++++++++++++++++++++++--- 2020/15xxx/CVE-2020-15051.json | 61 ++++++++++++++++++++++++--- 2020/15xxx/CVE-2020-15779.json | 77 ++++++++++++++++++++++++++++++++++ 2020/1xxx/CVE-2020-1943.json | 5 +++ 2020/2xxx/CVE-2020-2220.json | 5 +++ 2020/2xxx/CVE-2020-2221.json | 5 +++ 2020/2xxx/CVE-2020-2222.json | 5 +++ 2020/2xxx/CVE-2020-2223.json | 5 +++ 2020/2xxx/CVE-2020-2224.json | 5 +++ 2020/2xxx/CVE-2020-2225.json | 5 +++ 2020/2xxx/CVE-2020-2226.json | 5 +++ 2020/2xxx/CVE-2020-2227.json | 5 +++ 2020/2xxx/CVE-2020-2228.json | 5 +++ 2020/6xxx/CVE-2020-6164.json | 56 ++++++++++++++++++++++--- 2020/6xxx/CVE-2020-6165.json | 56 ++++++++++++++++++++++--- 2020/8xxx/CVE-2020-8958.json | 71 ++++++++++++++++++++++++++++--- 2020/9xxx/CVE-2020-9309.json | 56 ++++++++++++++++++++++--- 2020/9xxx/CVE-2020-9311.json | 56 ++++++++++++++++++++++--- 19 files changed, 562 insertions(+), 48 deletions(-) create mode 100644 2020/15xxx/CVE-2020-15779.json diff --git a/2020/13xxx/CVE-2020-13788.json b/2020/13xxx/CVE-2020-13788.json index f528f43f17f..94dae312a3e 100644 --- a/2020/13xxx/CVE-2020-13788.json +++ b/2020/13xxx/CVE-2020-13788.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-13788", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-13788", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/goharbor/harbor/releases", + "refsource": "MISC", + "name": "https://github.com/goharbor/harbor/releases" + }, + { + "refsource": "CONFIRM", + "name": "https://www.soluble.ai/blog/harbor-ssrf-cve-2020-13788", + "url": "https://www.soluble.ai/blog/harbor-ssrf-cve-2020-13788" + }, + { + "refsource": "MISC", + "name": "https://www.youtube.com/watch?v=v8Isqy4yR3Q", + "url": "https://www.youtube.com/watch?v=v8Isqy4yR3Q" } ] } diff --git a/2020/14xxx/CVE-2020-14982.json b/2020/14xxx/CVE-2020-14982.json index 9305d87530e..575ddda3122 100644 --- a/2020/14xxx/CVE-2020-14982.json +++ b/2020/14xxx/CVE-2020-14982.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-14982", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-14982", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Blind SQL Injection vulnerability in Kronos WebTA 3.8.x and later before 4.0 (affecting the com.threeis.webta.H352premPayRequest servlet's SortBy parameter) allows an attacker with the Employee, Supervisor, or Timekeeper role to read sensitive data from the database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mindpointgroup.com/articles/", + "refsource": "MISC", + "name": "https://www.mindpointgroup.com/articles/" + }, + { + "refsource": "MISC", + "name": "https://www.mindpointgroup.com/blog/webta-sqli-vulnerability/", + "url": "https://www.mindpointgroup.com/blog/webta-sqli-vulnerability/" } ] } diff --git a/2020/15xxx/CVE-2020-15051.json b/2020/15xxx/CVE-2020-15051.json index f0012469773..1052e868dfb 100644 --- a/2020/15xxx/CVE-2020-15051.json +++ b/2020/15xxx/CVE-2020-15051.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-15051", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-15051", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Artica Proxy before 4.30.000000. Stored XSS exists via the Server Domain Name, Your Email Address, Group Name, MYSQL Server, Database, MYSQL Username, Group Name, and Task Description fields." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://artica-proxy.com/telechargements/", + "refsource": "MISC", + "name": "http://artica-proxy.com/telechargements/" + }, + { + "refsource": "MISC", + "name": "https://github.com/pratikshad19/CVE-2020-15051", + "url": "https://github.com/pratikshad19/CVE-2020-15051" } ] } diff --git a/2020/15xxx/CVE-2020-15779.json b/2020/15xxx/CVE-2020-15779.json new file mode 100644 index 00000000000..00a2b7075b9 --- /dev/null +++ b/2020/15xxx/CVE-2020-15779.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-15779", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.npmjs.com/package/socket.io-file", + "refsource": "MISC", + "name": "https://www.npmjs.com/package/socket.io-file" + }, + { + "url": "https://github.com/rico345100/socket.io-file", + "refsource": "MISC", + "name": "https://github.com/rico345100/socket.io-file" + }, + { + "url": "https://www.npmjs.com/advisories/1519", + "refsource": "MISC", + "name": "https://www.npmjs.com/advisories/1519" + }, + { + "url": "https://github.com/advisories/GHSA-9h4g-27m8-qjrg", + "refsource": "MISC", + "name": "https://github.com/advisories/GHSA-9h4g-27m8-qjrg" + } + ] + } +} \ No newline at end of file diff --git a/2020/1xxx/CVE-2020-1943.json b/2020/1xxx/CVE-2020-1943.json index 5c9f035a411..47f63e0a68c 100644 --- a/2020/1xxx/CVE-2020-1943.json +++ b/2020/1xxx/CVE-2020-1943.json @@ -58,6 +58,11 @@ "refsource": "MLIST", "name": "[ofbiz-dev] 20200705 Error.ftl everywhere", "url": "https://lists.apache.org/thread.html/r8efd5b62604d849ae2f93b2eb9ce0ce0356a4cf5812deed14030a757@%3Cdev.ofbiz.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[ofbiz-dev] 20200715 Re: Error.ftl everywhere", + "url": "https://lists.apache.org/thread.html/ra6c011af63d8a8cd8c0b8f72b2b0c392af4d5ed040ba59be344d13fa@%3Cdev.ofbiz.apache.org%3E" } ] }, diff --git a/2020/2xxx/CVE-2020-2220.json b/2020/2xxx/CVE-2020-2220.json index db9fec245e9..7b2236bdc3c 100644 --- a/2020/2xxx/CVE-2020-2220.json +++ b/2020/2xxx/CVE-2020-2220.json @@ -61,6 +61,11 @@ "name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1868", "url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1868", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/07/15/5" } ] } diff --git a/2020/2xxx/CVE-2020-2221.json b/2020/2xxx/CVE-2020-2221.json index 2d39303a6c9..3cc96de0fec 100644 --- a/2020/2xxx/CVE-2020-2221.json +++ b/2020/2xxx/CVE-2020-2221.json @@ -61,6 +61,11 @@ "name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1901", "url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1901", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/07/15/5" } ] } diff --git a/2020/2xxx/CVE-2020-2222.json b/2020/2xxx/CVE-2020-2222.json index 814aa90bf00..a2c114f4d89 100644 --- a/2020/2xxx/CVE-2020-2222.json +++ b/2020/2xxx/CVE-2020-2222.json @@ -61,6 +61,11 @@ "name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1902", "url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1902", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/07/15/5" } ] } diff --git a/2020/2xxx/CVE-2020-2223.json b/2020/2xxx/CVE-2020-2223.json index ffdf9874e7a..8edb5c2e6f3 100644 --- a/2020/2xxx/CVE-2020-2223.json +++ b/2020/2xxx/CVE-2020-2223.json @@ -61,6 +61,11 @@ "name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1945", "url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1945", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/07/15/5" } ] } diff --git a/2020/2xxx/CVE-2020-2224.json b/2020/2xxx/CVE-2020-2224.json index ef79f178244..636eaa7fb02 100644 --- a/2020/2xxx/CVE-2020-2224.json +++ b/2020/2xxx/CVE-2020-2224.json @@ -57,6 +57,11 @@ "name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1924", "url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1924", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/07/15/5" } ] } diff --git a/2020/2xxx/CVE-2020-2225.json b/2020/2xxx/CVE-2020-2225.json index 2072ab4bf76..faea6ead58b 100644 --- a/2020/2xxx/CVE-2020-2225.json +++ b/2020/2xxx/CVE-2020-2225.json @@ -57,6 +57,11 @@ "name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1925", "url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1925", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/07/15/5" } ] } diff --git a/2020/2xxx/CVE-2020-2226.json b/2020/2xxx/CVE-2020-2226.json index aeb2f9713d0..0e27b3ed37f 100644 --- a/2020/2xxx/CVE-2020-2226.json +++ b/2020/2xxx/CVE-2020-2226.json @@ -57,6 +57,11 @@ "name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1909", "url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1909", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/07/15/5" } ] } diff --git a/2020/2xxx/CVE-2020-2227.json b/2020/2xxx/CVE-2020-2227.json index 132950cd9eb..20287b7f977 100644 --- a/2020/2xxx/CVE-2020-2227.json +++ b/2020/2xxx/CVE-2020-2227.json @@ -57,6 +57,11 @@ "name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1915", "url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1915", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/07/15/5" } ] } diff --git a/2020/2xxx/CVE-2020-2228.json b/2020/2xxx/CVE-2020-2228.json index 39ce5beacb7..4efda8055b8 100644 --- a/2020/2xxx/CVE-2020-2228.json +++ b/2020/2xxx/CVE-2020-2228.json @@ -57,6 +57,11 @@ "name": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1792", "url": "https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1792", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20200715 Multiple vulnerabilities in Jenkins and Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2020/07/15/5" } ] } diff --git a/2020/6xxx/CVE-2020-6164.json b/2020/6xxx/CVE-2020-6164.json index d47e05ca1b5..70e877abb89 100644 --- a/2020/6xxx/CVE-2020-6164.json +++ b/2020/6xxx/CVE-2020-6164.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-6164", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-6164", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In SilverStripe through 4.5.0, a specific URL path configured by default through the silverstripe/framework module can be used to disclose the fact that a domain is hosting a Silverstripe application. There is no disclosure of the specific version. The functionality on this URL path is limited to execution in a CLI context, and is not known to present a vulnerability through web-based access. As a side-effect, this preconfigured path also blocks the creation of other resources on this path (e.g. a page)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.silverstripe.org/download/security-releases/CVE-2020-6164", + "url": "https://www.silverstripe.org/download/security-releases/CVE-2020-6164" } ] } diff --git a/2020/6xxx/CVE-2020-6165.json b/2020/6xxx/CVE-2020-6165.json index d949dfb60dc..f54a82d42d5 100644 --- a/2020/6xxx/CVE-2020-6165.json +++ b/2020/6xxx/CVE-2020-6165.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-6165", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-6165", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a result set. This affects silverstripe/recipe-cms. The automatic permission-checking mechanism in the silverstripe/graphql module does not provide complete protection against lists that are limited (e.g., through pagination), resulting in records that should have failed a permission check being added to the final result set. GraphQL endpoints are configured by default (e.g., for assets), but the admin/graphql endpoint is access protected by default. This limits the vulnerability to all authenticated users, including those with limited permissions (e.g., where viewing records exposed through admin/graphql requires administrator permissions). However, if custom GraphQL endpoints have been configured for a specific implementation (usually under /graphql), this vulnerability could also be exploited through unauthenticated requests. This vulnerability only applies to reading records; it does not allow unauthorised changing of records." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.silverstripe.org/download/security-releases/CVE-2020-6165", + "url": "https://www.silverstripe.org/download/security-releases/CVE-2020-6165" } ] } diff --git a/2020/8xxx/CVE-2020-8958.json b/2020/8xxx/CVE-2020-8958.json index b7693eb5a9d..4472a413f18 100644 --- a/2020/8xxx/CVE-2020-8958.json +++ b/2020/8xxx/CVE-2020-8958.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-8958", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-8958", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.gpononu.com/dual-mode-onu/1GE-Router-WiFi-ONU.html", + "refsource": "MISC", + "name": "https://www.gpononu.com/dual-mode-onu/1GE-Router-WiFi-ONU.html" + }, + { + "url": "https://www.gpononu.com/gpon-ont/4ge-epon-onu-v2804ew.html", + "refsource": "MISC", + "name": "https://www.gpononu.com/gpon-ont/4ge-epon-onu-v2804ew.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/qurbat/gpon", + "url": "https://github.com/qurbat/gpon" + }, + { + "refsource": "MISC", + "name": "https://www.karansaini.com/os-command-injection-v-sol/", + "url": "https://www.karansaini.com/os-command-injection-v-sol/" } ] } diff --git a/2020/9xxx/CVE-2020-9309.json b/2020/9xxx/CVE-2020-9309.json index 9d3390dd20d..0fa6a40f91d 100644 --- a/2020/9xxx/CVE-2020-9309.json +++ b/2020/9xxx/CVE-2020-9309.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-9309", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-9309", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions (for example HTML code in a TXT file). When these files are stored as protected or draft files, the MIME detection can cause browsers to execute the file contents. Uploads stored as protected or draft files are allowed by default for authorised users only, but can also be enabled through custom logic as well as modules such as silverstripe/userforms. Sites using the previously optional silverstripe/mimevalidator module can configure MIME whitelists rather than extension whitelists, and hence prevent this issue. Sites on the Common Web Platform (CWP) use this module by default, and are not affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.silverstripe.org/download/security-releases/CVE-2020-9309", + "url": "https://www.silverstripe.org/download/security-releases/CVE-2020-9309" } ] } diff --git a/2020/9xxx/CVE-2020-9311.json b/2020/9xxx/CVE-2020-9311.json index b7155e6d598..ae3d101d048 100644 --- a/2020/9xxx/CVE-2020-9311.json +++ b/2020/9xxx/CVE-2020-9311.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-9311", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-9311", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In SilverStripe through 4.5, malicious users with a valid Silverstripe CMS login (usually CMS access) can craft profile information which can lead to XSS for other users through specially crafted login form URLs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.silverstripe.org/download/security-releases/CVE-2020-9311", + "url": "https://www.silverstripe.org/download/security-releases/CVE-2020-9311" } ] }