diff --git a/2019/18xxx/CVE-2019-18846.json b/2019/18xxx/CVE-2019-18846.json new file mode 100644 index 00000000000..2b1e22f8785 --- /dev/null +++ b/2019/18xxx/CVE-2019-18846.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18846", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OX App Suite through 7.10.2 allows SSRF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html", + "url": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html" + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7907.json b/2020/7xxx/CVE-2020-7907.json index a574a24fd7b..8be97a41ab8 100644 --- a/2020/7xxx/CVE-2020-7907.json +++ b/2020/7xxx/CVE-2020-7907.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-7907", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-7907", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://blog.jetbrains.com", + "refsource": "MISC", + "name": "https://blog.jetbrains.com" + }, + { + "refsource": "MISC", + "name": "https://blog.jetbrains.com/blog/2020/01/24/jetbrains-security-bulletin-q4-2019/", + "url": "https://blog.jetbrains.com/blog/2020/01/24/jetbrains-security-bulletin-q4-2019/" } ] } diff --git a/2020/8xxx/CVE-2020-8840.json b/2020/8xxx/CVE-2020-8840.json index 2b608f2e9e2..d48f708236e 100644 --- a/2020/8xxx/CVE-2020-8840.json +++ b/2020/8xxx/CVE-2020-8840.json @@ -71,6 +71,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200220 [SECURITY] [DLA 2111-1] jackson-databind security update", "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00020.html" + }, + { + "refsource": "MLIST", + "name": "[druid-commits] 20200221 [GitHub] [druid] ccaominh merged pull request #9379: Suppress CVE-2020-8840 for htrace-core-4.0.1", + "url": "https://lists.apache.org/thread.html/r3d20a2660b36551fd8257d479941782af4a7169582449fac1704bde2@%3Ccommits.druid.apache.org%3E" } ] }