From 55505c35c092740bb55621f7b29d24145f02f034 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 5 Feb 2021 14:01:01 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/12xxx/CVE-2019-12519.json | 5 +++ 2019/12xxx/CVE-2019-12520.json | 5 +++ 2019/12xxx/CVE-2019-12521.json | 5 +++ 2019/12xxx/CVE-2019-12522.json | 5 +++ 2019/12xxx/CVE-2019-12524.json | 5 +++ 2019/20xxx/CVE-2019-20808.json | 5 +++ 2019/25xxx/CVE-2019-25013.json | 5 +++ 2020/10xxx/CVE-2020-10537.json | 56 ++++++++++++++++++++++++++++++---- 2020/10xxx/CVE-2020-10538.json | 56 ++++++++++++++++++++++++++++++---- 2020/10xxx/CVE-2020-10539.json | 56 ++++++++++++++++++++++++++++++---- 2020/27xxx/CVE-2020-27846.json | 5 +++ 2020/29xxx/CVE-2020-29569.json | 5 +++ 2020/36xxx/CVE-2020-36179.json | 5 +++ 2020/36xxx/CVE-2020-36180.json | 5 +++ 2020/36xxx/CVE-2020-36181.json | 5 +++ 2020/36xxx/CVE-2020-36182.json | 5 +++ 2020/36xxx/CVE-2020-36183.json | 5 +++ 2020/36xxx/CVE-2020-36184.json | 5 +++ 2020/36xxx/CVE-2020-36185.json | 5 +++ 2020/36xxx/CVE-2020-36186.json | 5 +++ 2020/36xxx/CVE-2020-36187.json | 5 +++ 2020/36xxx/CVE-2020-36188.json | 5 +++ 2020/36xxx/CVE-2020-36189.json | 5 +++ 2020/8xxx/CVE-2020-8806.json | 56 ++++++++++++++++++++++++++++++---- 2020/8xxx/CVE-2020-8807.json | 56 ++++++++++++++++++++++++++++++---- 2021/20xxx/CVE-2021-20623.json | 11 +++++-- 2021/20xxx/CVE-2021-20652.json | 11 +++++-- 2021/25xxx/CVE-2021-25646.json | 10 ++++++ 2021/26xxx/CVE-2021-26700.json | 18 +++++++++++ 2021/26xxx/CVE-2021-26701.json | 18 +++++++++++ 2021/26xxx/CVE-2021-26702.json | 18 +++++++++++ 2021/26xxx/CVE-2021-26703.json | 18 +++++++++++ 2021/3xxx/CVE-2021-3325.json | 10 ++++++ 2021/3xxx/CVE-2021-3333.json | 56 ++++++++++++++++++++++++++++++---- 2021/3xxx/CVE-2021-3347.json | 10 ++++++ 35 files changed, 518 insertions(+), 42 deletions(-) create mode 100644 2021/26xxx/CVE-2021-26700.json create mode 100644 2021/26xxx/CVE-2021-26701.json create mode 100644 2021/26xxx/CVE-2021-26702.json create mode 100644 2021/26xxx/CVE-2021-26703.json diff --git a/2019/12xxx/CVE-2019-12519.json b/2019/12xxx/CVE-2019-12519.json index 838ad637bd1..8c3445cc4db 100644 --- a/2019/12xxx/CVE-2019-12519.json +++ b/2019/12xxx/CVE-2019-12519.json @@ -86,6 +86,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2278-1] squid3 security update", "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0006/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0006/" } ] } diff --git a/2019/12xxx/CVE-2019-12520.json b/2019/12xxx/CVE-2019-12520.json index 632546c0007..5bd63cb1449 100644 --- a/2019/12xxx/CVE-2019-12520.json +++ b/2019/12xxx/CVE-2019-12520.json @@ -86,6 +86,11 @@ "refsource": "UBUNTU", "name": "USN-4446-1", "url": "https://usn.ubuntu.com/4446-1/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0006/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0006/" } ] } diff --git a/2019/12xxx/CVE-2019-12521.json b/2019/12xxx/CVE-2019-12521.json index b9117f35fc1..f236110fc26 100644 --- a/2019/12xxx/CVE-2019-12521.json +++ b/2019/12xxx/CVE-2019-12521.json @@ -86,6 +86,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2278-1] squid3 security update", "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0006/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0006/" } ] } diff --git a/2019/12xxx/CVE-2019-12522.json b/2019/12xxx/CVE-2019-12522.json index e6481cbd336..61cae44d9a2 100644 --- a/2019/12xxx/CVE-2019-12522.json +++ b/2019/12xxx/CVE-2019-12522.json @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12522.txt", "url": "https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12522.txt" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0006/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0006/" } ] } diff --git a/2019/12xxx/CVE-2019-12524.json b/2019/12xxx/CVE-2019-12524.json index 854d8846213..45057e0b2d5 100644 --- a/2019/12xxx/CVE-2019-12524.json +++ b/2019/12xxx/CVE-2019-12524.json @@ -71,6 +71,11 @@ "refsource": "UBUNTU", "name": "USN-4446-1", "url": "https://usn.ubuntu.com/4446-1/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0006/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0006/" } ] } diff --git a/2019/20xxx/CVE-2019-20808.json b/2019/20xxx/CVE-2019-20808.json index 7372f8e57d4..38461684fc9 100644 --- a/2019/20xxx/CVE-2019-20808.json +++ b/2019/20xxx/CVE-2019-20808.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1841136", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841136" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0003/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0003/" } ] } diff --git a/2019/25xxx/CVE-2019-25013.json b/2019/25xxx/CVE-2019-25013.json index 23341bd6196..1db62e08a26 100644 --- a/2019/25xxx/CVE-2019-25013.json +++ b/2019/25xxx/CVE-2019-25013.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2021-6e581c051a", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0004/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0004/" } ] } diff --git a/2020/10xxx/CVE-2020-10537.json b/2020/10xxx/CVE-2020-10537.json index 42a9e0d87f0..f8a87d2b230 100644 --- a/2020/10xxx/CVE-2020-10537.json +++ b/2020/10xxx/CVE-2020-10537.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10537", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10537", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default configuration is running on TCP port 4848. No password is required to access it with the administrator account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur", + "refsource": "MISC", + "name": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur" } ] } diff --git a/2020/10xxx/CVE-2020-10538.json b/2020/10xxx/CVE-2020-10538.json index 7fb72c8305c..64312bf6042 100644 --- a/2020/10xxx/CVE-2020-10538.json +++ b/2020/10xxx/CVE-2020-10538.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10538", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10538", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Epikur before 20.1.1. It stores the secret passwords of the users as MD5 hashes in the database. MD5 can be brute-forced efficiently and should not be used for such purposes. Additionally, since no salt is used, rainbow tables can speed up the attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur", + "refsource": "MISC", + "name": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur" } ] } diff --git a/2020/10xxx/CVE-2020-10539.json b/2020/10xxx/CVE-2020-10539.json index d0bf8280c82..c9f887fe8ea 100644 --- a/2020/10xxx/CVE-2020-10539.json +++ b/2020/10xxx/CVE-2020-10539.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10539", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10539", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Epikur before 20.1.1. The Epikur server contains the checkPasswort() function that, upon user login, checks the submitted password against the user password's MD5 hash stored in the database. It is also compared to a second MD5 hash, which is the same for every user (aka a \"Backdoor Password\" of 3p1kursupport). If the submitted password matches either one, access is granted." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur", + "refsource": "MISC", + "name": "https://www.x41-dsec.de/lab/advisories/x41-2020-003-epikur" } ] } diff --git a/2020/27xxx/CVE-2020-27846.json b/2020/27xxx/CVE-2020-27846.json index 90199e8ac93..6f6a52436eb 100644 --- a/2020/27xxx/CVE-2020-27846.json +++ b/2020/27xxx/CVE-2020-27846.json @@ -73,6 +73,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-64e54abd9f", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0002/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0002/" } ] }, diff --git a/2020/29xxx/CVE-2020-29569.json b/2020/29xxx/CVE-2020-29569.json index 6442f9f9b36..bad77ef4182 100644 --- a/2020/29xxx/CVE-2020-29569.json +++ b/2020/29xxx/CVE-2020-29569.json @@ -61,6 +61,11 @@ "refsource": "DEBIAN", "name": "DSA-4843", "url": "https://www.debian.org/security/2021/dsa-4843" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0001/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0001/" } ] } diff --git a/2020/36xxx/CVE-2020-36179.json b/2020/36xxx/CVE-2020-36179.json index 91fadb55334..e754c3cd2f7 100644 --- a/2020/36xxx/CVE-2020-36179.json +++ b/2020/36xxx/CVE-2020-36179.json @@ -66,6 +66,11 @@ "refsource": "MLIST", "name": "[spark-issues] 20210115 [jira] [Created] (SPARK-34124) Upgrade jackson version to fix CVE-2020-36179 in Spark 2.4", "url": "https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436@%3Cissues.spark.apache.org%3E" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" } ] } diff --git a/2020/36xxx/CVE-2020-36180.json b/2020/36xxx/CVE-2020-36180.json index 14ee37df15e..b163265eed2 100644 --- a/2020/36xxx/CVE-2020-36180.json +++ b/2020/36xxx/CVE-2020-36180.json @@ -61,6 +61,11 @@ "url": "https://github.com/FasterXML/jackson-databind/issues/3004", "refsource": "MISC", "name": "https://github.com/FasterXML/jackson-databind/issues/3004" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" } ] } diff --git a/2020/36xxx/CVE-2020-36181.json b/2020/36xxx/CVE-2020-36181.json index 5298e97a8b9..fd483735606 100644 --- a/2020/36xxx/CVE-2020-36181.json +++ b/2020/36xxx/CVE-2020-36181.json @@ -61,6 +61,11 @@ "url": "https://github.com/FasterXML/jackson-databind/issues/3004", "refsource": "MISC", "name": "https://github.com/FasterXML/jackson-databind/issues/3004" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" } ] } diff --git a/2020/36xxx/CVE-2020-36182.json b/2020/36xxx/CVE-2020-36182.json index eea14ea2f10..d515ac410d8 100644 --- a/2020/36xxx/CVE-2020-36182.json +++ b/2020/36xxx/CVE-2020-36182.json @@ -61,6 +61,11 @@ "url": "https://github.com/FasterXML/jackson-databind/issues/3004", "refsource": "MISC", "name": "https://github.com/FasterXML/jackson-databind/issues/3004" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" } ] } diff --git a/2020/36xxx/CVE-2020-36183.json b/2020/36xxx/CVE-2020-36183.json index 4a367ef79bb..471456fc811 100644 --- a/2020/36xxx/CVE-2020-36183.json +++ b/2020/36xxx/CVE-2020-36183.json @@ -61,6 +61,11 @@ "url": "https://github.com/FasterXML/jackson-databind/issues/3003", "refsource": "MISC", "name": "https://github.com/FasterXML/jackson-databind/issues/3003" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" } ] } diff --git a/2020/36xxx/CVE-2020-36184.json b/2020/36xxx/CVE-2020-36184.json index 767a4809220..86380151496 100644 --- a/2020/36xxx/CVE-2020-36184.json +++ b/2020/36xxx/CVE-2020-36184.json @@ -61,6 +61,11 @@ "url": "https://github.com/FasterXML/jackson-databind/issues/2998", "refsource": "MISC", "name": "https://github.com/FasterXML/jackson-databind/issues/2998" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" } ] } diff --git a/2020/36xxx/CVE-2020-36185.json b/2020/36xxx/CVE-2020-36185.json index 0ecba3edf61..378bd7a25b2 100644 --- a/2020/36xxx/CVE-2020-36185.json +++ b/2020/36xxx/CVE-2020-36185.json @@ -61,6 +61,11 @@ "url": "https://github.com/FasterXML/jackson-databind/issues/2998", "refsource": "MISC", "name": "https://github.com/FasterXML/jackson-databind/issues/2998" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" } ] } diff --git a/2020/36xxx/CVE-2020-36186.json b/2020/36xxx/CVE-2020-36186.json index a5723ac5538..151e087fdae 100644 --- a/2020/36xxx/CVE-2020-36186.json +++ b/2020/36xxx/CVE-2020-36186.json @@ -61,6 +61,11 @@ "url": "https://github.com/FasterXML/jackson-databind/issues/2997", "refsource": "MISC", "name": "https://github.com/FasterXML/jackson-databind/issues/2997" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" } ] } diff --git a/2020/36xxx/CVE-2020-36187.json b/2020/36xxx/CVE-2020-36187.json index cfcfa74ed08..362505811de 100644 --- a/2020/36xxx/CVE-2020-36187.json +++ b/2020/36xxx/CVE-2020-36187.json @@ -61,6 +61,11 @@ "url": "https://github.com/FasterXML/jackson-databind/issues/2997", "refsource": "MISC", "name": "https://github.com/FasterXML/jackson-databind/issues/2997" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" } ] } diff --git a/2020/36xxx/CVE-2020-36188.json b/2020/36xxx/CVE-2020-36188.json index b33f3bf1c35..c5eb72ec844 100644 --- a/2020/36xxx/CVE-2020-36188.json +++ b/2020/36xxx/CVE-2020-36188.json @@ -61,6 +61,11 @@ "url": "https://github.com/FasterXML/jackson-databind/issues/2996", "refsource": "MISC", "name": "https://github.com/FasterXML/jackson-databind/issues/2996" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" } ] } diff --git a/2020/36xxx/CVE-2020-36189.json b/2020/36xxx/CVE-2020-36189.json index bdc546aa6ad..e40b1f71b50 100644 --- a/2020/36xxx/CVE-2020-36189.json +++ b/2020/36xxx/CVE-2020-36189.json @@ -61,6 +61,11 @@ "url": "https://github.com/FasterXML/jackson-databind/issues/2996", "refsource": "MISC", "name": "https://github.com/FasterXML/jackson-databind/issues/2996" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210205-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" } ] } diff --git a/2020/8xxx/CVE-2020-8806.json b/2020/8xxx/CVE-2020-8806.json index 2681c6b8b86..91ef43c5c61 100644 --- a/2020/8xxx/CVE-2020-8806.json +++ b/2020/8xxx/CVE-2020-8806.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-8806", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-8806", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://electriccoin.co/blog/new-releases-2-1-1-and-hotfix-2-1-1-1/", + "url": "https://electriccoin.co/blog/new-releases-2-1-1-and-hotfix-2-1-1-1/" } ] } diff --git a/2020/8xxx/CVE-2020-8807.json b/2020/8xxx/CVE-2020-8807.json index f6c2581b82c..ed684b73fc1 100644 --- a/2020/8xxx/CVE-2020-8807.json +++ b/2020/8xxx/CVE-2020-8807.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-8807", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-8807", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Electric Coin Company Zcashd before 2.1.1-1, the time offset between messages could be leveraged to obtain sensitive information about the relationship between a suspected victim's address and an IP address, aka a timing side channel." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://electriccoin.co/blog/new-releases-2-1-1-and-hotfix-2-1-1-1/", + "url": "https://electriccoin.co/blog/new-releases-2-1-1-and-hotfix-2-1-1-1/" } ] } diff --git a/2021/20xxx/CVE-2021-20623.json b/2021/20xxx/CVE-2021-20623.json index 05715a60a90..e85088e29a6 100644 --- a/2021/20xxx/CVE-2021-20623.json +++ b/2021/20xxx/CVE-2021-20623.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20623", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf" + "url": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf", + "refsource": "MISC", + "name": "http://downloadvi.com/downloads/IPServer/v7.8/780182/v780182RN.pdf" }, { - "url": "https://jvn.jp/en/jp/JVN42252698/index.html" + "url": "https://jvn.jp/en/jp/JVN42252698/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN42252698/index.html" } ] }, diff --git a/2021/20xxx/CVE-2021-20652.json b/2021/20xxx/CVE-2021-20652.json index f74f3cf9f39..35fa16cdc2b 100644 --- a/2021/20xxx/CVE-2021-20652.json +++ b/2021/20xxx/CVE-2021-20652.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-20652", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://wordpress.org/plugins/name-directory/" + "url": "https://wordpress.org/plugins/name-directory/", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/name-directory/" }, { - "url": "https://jvn.jp/en/jp/JVN50470170/index.html" + "url": "https://jvn.jp/en/jp/JVN50470170/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN50470170/index.html" } ] }, diff --git a/2021/25xxx/CVE-2021-25646.json b/2021/25xxx/CVE-2021-25646.json index db921ad2fd0..d623508b5ee 100644 --- a/2021/25xxx/CVE-2021-25646.json +++ b/2021/25xxx/CVE-2021-25646.json @@ -104,6 +104,16 @@ "refsource": "MLIST", "name": "[druid-commits] 20210204 [GitHub] [druid] jihoonson opened a new pull request #10854: [Backport] Fix CVE-2021-25646", "url": "https://lists.apache.org/thread.html/r121abe8014d381943b63c60615149d40bde9dc1c868bcee90d0d0848@%3Ccommits.druid.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[druid-commits] 20210204 [druid] branch 0.21.0 updated: Fix CVE-2021-25646 (#10818) (#10854)", + "url": "https://lists.apache.org/thread.html/rfeb775822cd3baef1595b60f6860f5ca849eb1903236483f3297bd5c@%3Ccommits.druid.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[druid-commits] 20210204 [GitHub] [druid] jihoonson merged pull request #10854: [Backport] Fix CVE-2021-25646", + "url": "https://lists.apache.org/thread.html/r04fa1ba93599487c95a8497044d37f8c02a439bfcf92b4567bfb7c8f@%3Ccommits.druid.apache.org%3E" } ] }, diff --git a/2021/26xxx/CVE-2021-26700.json b/2021/26xxx/CVE-2021-26700.json new file mode 100644 index 00000000000..df51be9a628 --- /dev/null +++ b/2021/26xxx/CVE-2021-26700.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-26700", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/26xxx/CVE-2021-26701.json b/2021/26xxx/CVE-2021-26701.json new file mode 100644 index 00000000000..349589181e2 --- /dev/null +++ b/2021/26xxx/CVE-2021-26701.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-26701", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/26xxx/CVE-2021-26702.json b/2021/26xxx/CVE-2021-26702.json new file mode 100644 index 00000000000..0b9df1f5e2e --- /dev/null +++ b/2021/26xxx/CVE-2021-26702.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-26702", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/26xxx/CVE-2021-26703.json b/2021/26xxx/CVE-2021-26703.json new file mode 100644 index 00000000000..2897d290cdd --- /dev/null +++ b/2021/26xxx/CVE-2021-26703.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-26703", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3325.json b/2021/3xxx/CVE-2021-3325.json index c1535702f45..415c0b80c0d 100644 --- a/2021/3xxx/CVE-2021-3325.json +++ b/2021/3xxx/CVE-2021-3325.json @@ -71,6 +71,16 @@ "refsource": "CONFIRM", "name": "https://www.monitorix.org/news.html?n=20210127", "url": "https://www.monitorix.org/news.html?n=20210127" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-fc24737ebc", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IGG6WK44CYY6GEFRTCUEDANVNSX5NDH7/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-5f7da70bfe", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67DDUU56LP76AJ2K7WJ733QPL2FHKKNG/" } ] } diff --git a/2021/3xxx/CVE-2021-3333.json b/2021/3xxx/CVE-2021-3333.json index 20ddb9457d0..95786c91594 100644 --- a/2021/3xxx/CVE-2021-3333.json +++ b/2021/3xxx/CVE-2021-3333.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-3333", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-3333", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). When outputting SQL statements for debugging, a maliciously crafted query can trigger an XSS attack. This attack only succeeds if the user is already logged in to Open-AudIT before they click the malicious link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://community.opmantek.com/display/OA/Errata+-+4.0.1+XSS+in+SQL+debugging+output", + "refsource": "MISC", + "name": "https://community.opmantek.com/display/OA/Errata+-+4.0.1+XSS+in+SQL+debugging+output" } ] } diff --git a/2021/3xxx/CVE-2021-3347.json b/2021/3xxx/CVE-2021-3347.json index 2bcb4e7e078..c591b69420a 100644 --- a/2021/3xxx/CVE-2021-3347.json +++ b/2021/3xxx/CVE-2021-3347.json @@ -121,6 +121,16 @@ "refsource": "DEBIAN", "name": "DSA-4843", "url": "https://www.debian.org/security/2021/dsa-4843" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-6e805a5051", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CXAVDAK4RLAHBHHGEPL73UFXSI6BXQ7Q/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-879c756377", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QOBMXDJABYE76RKNBAWA2E4TSSBX7CSJ/" } ] }