admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-01-31 10:00:31 +00:00
parent 9e26fa35b0
commit 6841613b2d
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
3 changed files with 96 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
2020/17xxx/CVE-2020-17533.json
View File

@ -1,48 +1,12 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2020-17533",
"STATE": "PUBLIC",
"TITLE": "Apache Accumulo Improper Handling of Insufficient Permissions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Accumulo",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "Apache Accumulo",
"version_value": "1.5.0"
},
{
"version_affected": "<=",
"version_name": "Apache Accumulo",
"version_value": "1.10.0"
},
{
"version_affected": "=",
"version_name": "Apache Accumulo",
"version_value": "2.0.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-17533",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
@ -51,41 +15,70 @@
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-280 Improper Handling of Insufficient Permissions or Privileges "
"value": "CWE-252 Improper Handling of Insufficient Permissions or Privileges",
"cweId": "CWE-252"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache Accumulo",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Apache Accumulo 2.0.0"
},
{
"version_affected": "<",
"version_name": "1.5.0",
"version_value": "Apache Accumulo*"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rf8c1a787b6951d3dacb9ec58f0bf1633790c91f54ff10c6f8ff9d8ed%40%3Cuser.accumulo.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rf8c1a787b6951d3dacb9ec58f0bf1633790c91f54ff10c6f8ff9d8ed%40%3Cuser.accumulo.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[announce] 20201228 [SECURITY] CVE-2020-17533: Apache Accumulo Improper Handling of Insufficient Permissions",
"url": "https://lists.apache.org/thread.html/rf8c1a787b6951d3dacb9ec58f0bf1633790c91f54ff10c6f8ff9d8ed@%3Cannounce.apache.org%3E"
"url": "https://lists.apache.org/thread.html/rf8c1a787b6951d3dacb9ec58f0bf1633790c91f54ff10c6f8ff9d8ed%40%3Cannounce.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rf8c1a787b6951d3dacb9ec58f0bf1633790c91f54ff10c6f8ff9d8ed%40%3Cannounce.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201228 CVE-2020-17533: Apache Accumulo Improper Handling of Insufficient Permissions",
"url": "http://www.openwall.com/lists/oss-security/2020/12/29/1"
"url": "http://www.openwall.com/lists/oss-security/2020/12/29/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/12/29/1"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"source": {
"defect": [
"https://github.com/apache/accumulo/pull/1828"
@ -94,7 +87,7 @@
},
"work_around": [
{
"lang": "eng",
"lang": "en",
"value": "Upgrade to Apache Accumulo version 1.10.1, 2.0.1, or later."
}
]

93
2021/36xxx/CVE-2021-36372.json
View File

@ -1,14 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-36372",
"STATE": "PUBLIC",
"TITLE": "Original block tokens are persisted and can be retrieved"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Ozone versions prior to 1.2.0, Initially generated block tokens are persisted to the metadata database and can be retrieved with authenticated users with permission to the key. Authenticated users may use them even after access is revoked."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-273 Improper Check for Dropped Privileges",
"cweId": "CWE-273"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
@ -24,61 +48,28 @@
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Apache Ozone would like to thank Marton Elek for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"references": {
"reference_data": [
{
"lang": "eng",
"value": "In Apache Ozone versions prior to 1.2.0, Initially generated block tokens are persisted to the metadata database and can be retrieved with authenticated users with permission to the key. Authenticated users may use them even after access is revoked."
"url": "https://mail-archives.apache.org/mod_mbox/ozone-dev/202111.mbox/%3C5029c1ac-4685-8492-e3cb-ab48c5c370cf%40apache.org%3E",
"refsource": "MISC",
"name": "https://mail-archives.apache.org/mod_mbox/ozone-dev/202111.mbox/%3C5029c1ac-4685-8492-e3cb-ab48c5c370cf%40apache.org%3E"
},
{
"url": "http://www.openwall.com/lists/oss-security/2021/11/19/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/11/19/1"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cwe-256 Unprotected Storage of Credentials "
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://mail-archives.apache.org/mod_mbox/ozone-dev/202111.mbox/%3C5029c1ac-4685-8492-e3cb-ab48c5c370cf%40apache.org%3E",
"name": "https://mail-archives.apache.org/mod_mbox/ozone-dev/202111.mbox/%3C5029c1ac-4685-8492-e3cb-ab48c5c370cf%40apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211118 CVE-2021-36372: Apache Ozone: Original block tokens are persisted and can be retrieved",
"url": "http://www.openwall.com/lists/oss-security/2021/11/19/1"
}
]
},
"source": {
"defect": [
"HDDS-5315"
@ -87,8 +78,14 @@
},
"work_around": [
{
"lang": "eng",
"lang": "en",
"value": "Upgrade to Apache Ozone release version 1.2.0"
}
],
"credits": [
{
"lang": "en",
"value": "Apache Ozone would like to thank Marton Elek for reporting this issue."
}
]
}

4
2023/51xxx/CVE-2023-51441.json
View File

@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
"value": "CWE-918 Server-Side Request Forgery (SSRF)",
"cweId": "CWE-918"
}
]
}