"-Synchronized-Data."

This commit is contained in:
CVE Team 2021-02-23 13:00:51 +00:00
parent 19e07b11b8
commit 69b77416a6
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
3 changed files with 56 additions and 7 deletions

View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-14359",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "keycloak",
"version": {
"version_data": [
{
"version_value": "all versions as of 2021-02-22"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-305"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1868591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868591"
},
{
"refsource": "MISC",
"name": "https://issues.jboss.org/browse/KEYCLOAK-14090",
"url": "https://issues.jboss.org/browse/KEYCLOAK-14090"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in all versions of keycloak, where on using lower case HTTP headers (via cURL) we can bypass our Gatekeeper. Lower case headers are also accepted by some webservers (e.g. Jetty). This means there is no protection when we put a Gatekeeper in front of a Jetty server and use lowercase headers."
}
]
}

View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve-coordination@google.com",
"ASSIGNER": "security@google.com",
"ID": "CVE-2020-8902",
"STATE": "PUBLIC",
"TITLE": "SSRF in Rendertron"
@ -87,4 +87,4 @@
"source": {
"discovery": "EXTERNAL"
}
}
}

View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2021-20242",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-20176. Reason: This candidate is a reservation duplicate of CVE-2021-20176. Notes: All CVE users should reference CVE-2021-20176 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}