admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-02-05 14:01:01 +00:00
parent 6358499bc9
commit 55505c35c0
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
35 changed files with 518 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/12xxx/CVE-2019-12519.json
View File

@ -86,6 +86,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2278-1] squid3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0006/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0006/"
}
]
}

5
2019/12xxx/CVE-2019-12520.json
View File

@ -86,6 +86,11 @@
"refsource": "UBUNTU",
"name": "USN-4446-1",
"url": "https://usn.ubuntu.com/4446-1/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0006/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0006/"
}
]
}

5
2019/12xxx/CVE-2019-12521.json
View File

@ -86,6 +86,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2278-1] squid3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0006/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0006/"
}
]
}

5
2019/12xxx/CVE-2019-12522.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12522.txt",
"url": "https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12522.txt"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0006/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0006/"
}
]
}

5
2019/12xxx/CVE-2019-12524.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4446-1",
"url": "https://usn.ubuntu.com/4446-1/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0006/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0006/"
}
]
}

5
2019/20xxx/CVE-2019-20808.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1841136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841136"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0003/"
}
]
}

5
2019/25xxx/CVE-2019-25013.json
View File

@ -71,6 +71,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-6e581c051a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0004/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0004/"
}
]
}

56
2020/10xxx/CVE-2020-10537.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-10537",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-10537",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default configuration is running on TCP port 4848. No password is required to access it with the administrator account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur",
"refsource": "MISC",
"name": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur"
}
]
}

56
2020/10xxx/CVE-2020-10538.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-10538",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-10538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Epikur before 20.1.1. It stores the secret passwords of the users as MD5 hashes in the database. MD5 can be brute-forced efficiently and should not be used for such purposes. Additionally, since no salt is used, rainbow tables can speed up the attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur",
"refsource": "MISC",
"name": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur"
}
]
}

56
2020/10xxx/CVE-2020-10539.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-10539",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-10539",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Epikur before 20.1.1. The Epikur server contains the checkPasswort() function that, upon user login, checks the submitted password against the user password's MD5 hash stored in the database. It is also compared to a second MD5 hash, which is the same for every user (aka a \"Backdoor Password\" of 3p1kursupport). If the submitted password matches either one, access is granted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur",
"refsource": "MISC",
"name": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur"
}
]
}

5
2020/27xxx/CVE-2020-27846.json
View File

@ -73,6 +73,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2020-64e54abd9f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0002/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0002/"
}
]
},

5
2020/29xxx/CVE-2020-29569.json
View File

@ -61,6 +61,11 @@
"refsource": "DEBIAN",
"name": "DSA-4843",
"url": "https://www.debian.org/security/2021/dsa-4843"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0001/"
}
]
}

5
2020/36xxx/CVE-2020-36179.json
View File

@ -66,6 +66,11 @@
"refsource": "MLIST",
"name": "[spark-issues] 20210115 [jira] [Created] (SPARK-34124) Upgrade jackson version to fix CVE-2020-36179 in Spark 2.4",
"url": "https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436@%3Cissues.spark.apache.org%3E"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0005/"
}
]
}

5
2020/36xxx/CVE-2020-36180.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/FasterXML/jackson-databind/issues/3004",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/3004"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0005/"
}
]
}

5
2020/36xxx/CVE-2020-36181.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/FasterXML/jackson-databind/issues/3004",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/3004"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0005/"
}
]
}

5
2020/36xxx/CVE-2020-36182.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/FasterXML/jackson-databind/issues/3004",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/3004"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0005/"
}
]
}

5
2020/36xxx/CVE-2020-36183.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/FasterXML/jackson-databind/issues/3003",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/3003"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0005/"
}
]
}

5
2020/36xxx/CVE-2020-36184.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/FasterXML/jackson-databind/issues/2998",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/2998"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0005/"
}
]
}

5
2020/36xxx/CVE-2020-36185.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/FasterXML/jackson-databind/issues/2998",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/2998"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0005/"
}
]
}

5
2020/36xxx/CVE-2020-36186.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/FasterXML/jackson-databind/issues/2997",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/2997"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0005/"
}
]
}

5
2020/36xxx/CVE-2020-36187.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/FasterXML/jackson-databind/issues/2997",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/2997"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0005/"
}
]
}

5
2020/36xxx/CVE-2020-36188.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/FasterXML/jackson-databind/issues/2996",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/2996"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0005/"
}
]
}

5
2020/36xxx/CVE-2020-36189.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/FasterXML/jackson-databind/issues/2996",
"refsource": "MISC",
"name": "https://github.com/FasterXML/jackson-databind/issues/2996"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210205-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210205-0005/"
}
]
}

56
2020/8xxx/CVE-2020-8806.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8806",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-8806",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://electriccoin.co/blog/new-releases-2-1-1-and-hotfix-2-1-1-1/",
"url": "https://electriccoin.co/blog/new-releases-2-1-1-and-hotfix-2-1-1-1/"
}
]
}

56
2020/8xxx/CVE-2020-8807.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8807",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-8807",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Electric Coin Company Zcashd before 2.1.1-1, the time offset between messages could be leveraged to obtain sensitive information about the relationship between a suspected victim's address and an IP address, aka a timing side channel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://electriccoin.co/blog/new-releases-2-1-1-and-hotfix-2-1-1-1/",
"url": "https://electriccoin.co/blog/new-releases-2-1-1-and-hotfix-2-1-1-1/"
}
]
}

11
2021/20xxx/CVE-2021-20623.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20623",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -44,10 +45,14 @@
"references": {
"reference_data": [
{
"url": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf"
"url": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf",
"refsource": "MISC",
"name": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf"
},
{
"url": "https://jvn.jp/en/jp/JVN42252698/index.html"
"url": "https://jvn.jp/en/jp/JVN42252698/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/en/jp/JVN42252698/index.html"
}
]
},

11
2021/20xxx/CVE-2021-20652.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20652",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -44,10 +45,14 @@
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/name-directory/"
"url": "https://wordpress.org/plugins/name-directory/",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/name-directory/"
},
{
"url": "https://jvn.jp/en/jp/JVN50470170/index.html"
"url": "https://jvn.jp/en/jp/JVN50470170/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/en/jp/JVN50470170/index.html"
}
]
},

10
2021/25xxx/CVE-2021-25646.json
View File

@ -104,6 +104,16 @@
"refsource": "MLIST",
"name": "[druid-commits] 20210204 [GitHub] [druid] jihoonson opened a new pull request #10854: [Backport] Fix CVE-2021-25646",
"url": "https://lists.apache.org/thread.html/r121abe8014d381943b63c60615149d40bde9dc1c868bcee90d0d0848@%3Ccommits.druid.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[druid-commits] 20210204 [druid] branch 0.21.0 updated: Fix CVE-2021-25646 (#10818) (#10854)",
"url": "https://lists.apache.org/thread.html/rfeb775822cd3baef1595b60f6860f5ca849eb1903236483f3297bd5c@%3Ccommits.druid.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[druid-commits] 20210204 [GitHub] [druid] jihoonson merged pull request #10854: [Backport] Fix CVE-2021-25646",
"url": "https://lists.apache.org/thread.html/r04fa1ba93599487c95a8497044d37f8c02a439bfcf92b4567bfb7c8f@%3Ccommits.druid.apache.org%3E"
}
]
},

18
2021/26xxx/CVE-2021-26700.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-26700",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/26xxx/CVE-2021-26701.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-26701",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/26xxx/CVE-2021-26702.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-26702",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/26xxx/CVE-2021-26703.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-26703",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

10
2021/3xxx/CVE-2021-3325.json
View File

@ -71,6 +71,16 @@
"refsource": "CONFIRM",
"name": "https://www.monitorix.org/news.html?n=20210127",
"url": "https://www.monitorix.org/news.html?n=20210127"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-fc24737ebc",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IGG6WK44CYY6GEFRTCUEDANVNSX5NDH7/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-5f7da70bfe",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67DDUU56LP76AJ2K7WJ733QPL2FHKKNG/"
}
]
}

56
2021/3xxx/CVE-2021-3333.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3333",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-3333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). When outputting SQL statements for debugging, a maliciously crafted query can trigger an XSS attack. This attack only succeeds if the user is already logged in to Open-AudIT before they click the malicious link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://community.opmantek.com/display/OA/Errata+-+4.0.1+XSS+in+SQL+debugging+output",
"refsource": "MISC",
"name": "https://community.opmantek.com/display/OA/Errata+-+4.0.1+XSS+in+SQL+debugging+output"
}
]
}

10
2021/3xxx/CVE-2021-3347.json
View File

@ -121,6 +121,16 @@
"refsource": "DEBIAN",
"name": "DSA-4843",
"url": "https://www.debian.org/security/2021/dsa-4843"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-6e805a5051",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CXAVDAK4RLAHBHHGEPL73UFXSI6BXQ7Q/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-879c756377",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QOBMXDJABYE76RKNBAWA2E4TSSBX7CSJ/"
}
]
}