admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-05-11 14:01:28 +00:00
parent 511a158a71
commit 5c7dea7231
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
3 changed files with 78 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2020/10xxx/CVE-2020-10685.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-10685",
"ASSIGNER": "msiddiqu@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -74,7 +75,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble."
"value": "A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble."
}
]
},
@ -88,4 +89,4 @@
]
]
}
}
}

72
2020/12xxx/CVE-2020-12783.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12783",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://bugs.exim.org/show_bug.cgi?id=2571",
"url": "https://bugs.exim.org/show_bug.cgi?id=2571"
},
{
"refsource": "CONFIRM",
"name": "https://git.exim.org/exim.git/commit/57aa14b216432be381b6295c312065b2fd034f86",
"url": "https://git.exim.org/exim.git/commit/57aa14b216432be381b6295c312065b2fd034f86"
},
{
"refsource": "CONFIRM",
"name": "https://git.exim.org/exim.git/commit/a04174dc2a84ae1008c23b6a7109e7fa3fb7b8b0",
"url": "https://git.exim.org/exim.git/commit/a04174dc2a84ae1008c23b6a7109e7fa3fb7b8b0"
}
]
}
}

3
2020/1xxx/CVE-2020-1698.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1698",
"ASSIGNER": "gsuckevi@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {