admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-08-02 03:01:02 +00:00
parent ae05b2aa24
commit 668332e595
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
15 changed files with 173 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

144
2017/18xxx/CVE-2017-18113.json
View File

@ -1,73 +1,75 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2021-08-02T00:00:00",
"ID": "CVE-2017-18113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jira Server",
"version": {
"version_data": [
{
"version_value": "8.18.1",
"version_affected": "<"
}
]
}
},
{
"product_name": "Jira Data Center",
"version": {
"version_data": [
{
"version_value": "8.18.1",
"version_affected": "<"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution (RCE) vulnerability. The vulnerability allowed for various problematic OSWorkflow classes to be used as part of workflows. The fix for this issue blocks usage of unsafe conditions, validators, functions and registers that are build-in into OSWorkflow library and other Jira dependencies. Atlassian-made functions or functions provided by 3rd party plugins are not affected by this fix."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"
}
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2021-08-02T00:00:00",
"ID": "CVE-2017-18113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jira Server",
"version": {
"version_data": [
{
"version_value": "8.18.1",
"version_affected": "<"
}
]
}
},
{
"product_name": "Jira Data Center",
"version": {
"version_data": [
{
"version_value": "8.18.1",
"version_affected": "<"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-72660"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution (RCE) vulnerability. The vulnerability allowed for various problematic OSWorkflow classes to be used as part of workflows. The fix for this issue blocks usage of unsafe conditions, validators, functions and registers that are build-in into OSWorkflow library and other Jira dependencies. Atlassian-made functions or functions provided by 3rd party plugins are not affected by this fix."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-72660",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JRASERVER-72660"
}
]
}
}

5
2021/21xxx/CVE-2021-21273.json
View File

@ -88,6 +88,11 @@
"name": "https://github.com/matrix-org/synapse/commit/30fba6210834a4ecd91badf0c8f3eb278b72e746",
"refsource": "MISC",
"url": "https://github.com/matrix-org/synapse/commit/30fba6210834a4ecd91badf0c8f3eb278b72e746"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-a627cfd31e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
}
]
},

5
2021/21xxx/CVE-2021-21274.json
View File

@ -88,6 +88,11 @@
"name": "https://github.com/matrix-org/synapse/commit/ff5c4da1289cb5e097902b3e55b771be342c29d6",
"refsource": "MISC",
"url": "https://github.com/matrix-org/synapse/commit/ff5c4da1289cb5e097902b3e55b771be342c29d6"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-a627cfd31e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
}
]
},

5
2021/21xxx/CVE-2021-21332.json
View File

@ -88,6 +88,11 @@
"name": "https://github.com/matrix-org/synapse/commit/e54746bdf7d5c831eabe4dcea76a7626f1de73df",
"refsource": "MISC",
"url": "https://github.com/matrix-org/synapse/commit/e54746bdf7d5c831eabe4dcea76a7626f1de73df"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-a627cfd31e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
}
]
},

5
2021/21xxx/CVE-2021-21333.json
View File

@ -88,6 +88,11 @@
"name": "https://github.com/matrix-org/synapse/security/advisories/GHSA-c5f8-35qr-q4fm",
"refsource": "CONFIRM",
"url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-c5f8-35qr-q4fm"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-a627cfd31e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
}
]
},

5
2021/21xxx/CVE-2021-21392.json
View File

@ -83,6 +83,11 @@
"name": "https://github.com/matrix-org/synapse/pull/9240",
"refsource": "MISC",
"url": "https://github.com/matrix-org/synapse/pull/9240"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-a627cfd31e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
}
]
},

5
2021/21xxx/CVE-2021-21393.json
View File

@ -88,6 +88,11 @@
"name": "https://github.com/matrix-org/synapse/security/advisories/GHSA-jrh7-mhhx-6h88",
"refsource": "CONFIRM",
"url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-jrh7-mhhx-6h88"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-a627cfd31e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
}
]
},

5
2021/21xxx/CVE-2021-21394.json
View File

@ -88,6 +88,11 @@
"name": "https://github.com/matrix-org/synapse/pull/9393",
"refsource": "MISC",
"url": "https://github.com/matrix-org/synapse/pull/9393"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-a627cfd31e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
}
]
},

10
2021/24xxx/CVE-2021-24119.json
View File

@ -61,6 +61,16 @@
"refsource": "MISC",
"name": "https://github.com/UzL-ITS/util-lookup/blob/main/cve-vulnerability-publication.md",
"url": "https://github.com/UzL-ITS/util-lookup/blob/main/cve-vulnerability-publication.md"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-10bfc067d1",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DRRVY7DMTX3ECFNZKDYTSFEG5AI2HBC6/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-165969af24",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EYJW7HAW3TDV2YMDFYXP3HD6WRQRTLJW/"
}
]
}

10
2021/29xxx/CVE-2021-29463.json
View File

@ -78,6 +78,16 @@
"name": "https://github.com/Exiv2/exiv2/commit/783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b",
"refsource": "MISC",
"url": "https://github.com/Exiv2/exiv2/commit/783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-0b27f220bd",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDMZTVQAZSMLPTDVDYLBHAAF7I5QXVYQ/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-dde4d7d47e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3HKXR6JOVKMBE4HY4FDXNVZGNCQG6T3/"
}
]
},

10
2021/29xxx/CVE-2021-29464.json
View File

@ -78,6 +78,16 @@
"name": "https://github.com/Exiv2/exiv2/commit/f9308839198aca5e68a65194f151a1de92398f54",
"refsource": "MISC",
"url": "https://github.com/Exiv2/exiv2/commit/f9308839198aca5e68a65194f151a1de92398f54"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-0b27f220bd",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDMZTVQAZSMLPTDVDYLBHAAF7I5QXVYQ/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-dde4d7d47e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3HKXR6JOVKMBE4HY4FDXNVZGNCQG6T3/"
}
]
},

5
2021/29xxx/CVE-2021-29471.json
View File

@ -83,6 +83,11 @@
"name": "https://github.com/matrix-org/synapse/releases/tag/v1.33.2",
"refsource": "MISC",
"url": "https://github.com/matrix-org/synapse/releases/tag/v1.33.2"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-a627cfd31e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
}
]
},

10
2021/33xxx/CVE-2021-33477.json
View File

@ -136,6 +136,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210609 [SECURITY] [DLA 2682-1] mrxvt security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00011.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-71556a5722",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO52OLNOOKOCZSJCN3R7Q25XA32BWNWP/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-0d3268fc35",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DUV4LDVZVW7KCGPAMFZD4ZJ4FVLPOX4C/"
}
]
}

10
2021/34xxx/CVE-2021-34552.json
View File

@ -66,6 +66,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210722 [SECURITY] [DLA 2716-1] pillow security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-bf01a738f3",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V6LCG525ARIX6LX5QRYNAWVDD2MD2SV/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-3ec845dc0c",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUGBBT63VL7G4JNOEIPDJIOC34ZFBKNJ/"
}
]
}

10
2021/37xxx/CVE-2021-37576.json
View File

@ -66,6 +66,16 @@
"refsource": "MLIST",
"name": "[oss-security] 20210727 Re: Linux kernel: powerpc: KVM guest to host memory corruption",
"url": "http://www.openwall.com/lists/oss-security/2021/07/27/2"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-817b3d47d2",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2YZ2DNURMYYVDT2NYAFDESJC35KCUDS/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-12618d9b08",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WDFA7DSQIPM7XPNXJBXFWXHJFVUBCAG6/"
}
]
}