"-Synchronized-Data."

2025-05-07 19:17:10 +00:00 · 2022-04-27 06:01:34 +00:00 · 2022-04-27 06:01:34 +00:00 · 6ab35cd74b
commit 6ab35cd74b
parent 17ab3d4eeb
6 changed files with 92 additions and 11 deletions
--- a/2022/22xxx/CVE-2022-22513.json
+++ b/2022/22xxx/CVE-2022-22513.json
@ -278,7 +278,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. "
+                "value": "An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash."
            }
        ]
    },
@ -316,8 +316,9 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download="
+                "refsource": "MISC",
+                "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
+                "name": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download="
            }
        ]
    },
--- a/2022/22xxx/CVE-2022-22514.json
+++ b/2022/22xxx/CVE-2022-22514.json
@ -278,7 +278,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the\nattacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash."
+                "value": "An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash."
            }
        ]
    },
@ -316,8 +316,9 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download="
+                "refsource": "MISC",
+                "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download=",
+                "name": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17093&token=15cd8424832ea10dcd4873a409a09a539ee381ca&download="
            }
        ]
    },
--- a/2022/22xxx/CVE-2022-22515.json
+++ b/2022/22xxx/CVE-2022-22515.json
@ -280,8 +280,9 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17089&token=cc5041e24fc744a397a6f6e3b78200a40e6fcd53&download="
+                "refsource": "MISC",
+                "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17089&token=cc5041e24fc744a397a6f6e3b78200a40e6fcd53&download=",
+                "name": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17089&token=cc5041e24fc744a397a6f6e3b78200a40e6fcd53&download="
            }
        ]
    },
--- a/2022/22xxx/CVE-2022-22519.json
+++ b/2022/22xxx/CVE-2022-22519.json
@ -268,8 +268,9 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17094&token=2fb188e2213c74194e81ba61ff99f1c68602ba4d&download="
+                "refsource": "MISC",
+                "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17094&token=2fb188e2213c74194e81ba61ff99f1c68602ba4d&download=",
+                "name": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17094&token=2fb188e2213c74194e81ba61ff99f1c68602ba4d&download="
            }
        ]
    },
--- a/2022/29xxx/CVE-2022-29806.json
+++ b/2022/29xxx/CVE-2022-29806.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "ZoneMinder before 1.36.13 allows remote code execution via an invalid language."
+                "value": "ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability."
            }
        ]
    },
@ -66,6 +66,11 @@
                "url": "https://github.com/ZoneMinder/zoneminder/commit/9fee64b62fbdff5bf5ece1d617f1f53c7b1967cb",
                "refsource": "MISC",
                "name": "https://github.com/ZoneMinder/zoneminder/commit/9fee64b62fbdff5bf5ece1d617f1f53c7b1967cb"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://krastanoel.com/cve/2022-29806",
+                "url": "https://krastanoel.com/cve/2022-29806"
            }
        ]
    }
--- a/2022/29xxx/CVE-2022-29810.json
+++ b/2022/29xxx/CVE-2022-29810.json
@ -0,0 +1,72 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2022-29810",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "The Hashicorp go-getter library before 1.5.11 could write SSH credentials into its logfile, exposing sensitive credentials to local users able to read the logfile."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://github.com/hashicorp/go-getter/pull/348",
+                "refsource": "MISC",
+                "name": "https://github.com/hashicorp/go-getter/pull/348"
+            },
+            {
+                "url": "https://github.com/hashicorp/go-getter/releases/tag/v1.5.11",
+                "refsource": "MISC",
+                "name": "https://github.com/hashicorp/go-getter/releases/tag/v1.5.11"
+            },
+            {
+                "url": "https://github.com/hashicorp/go-getter/commit/36b68b2f68a3ed10ee7ecbb0cb9f6b1dc5da49cc",
+                "refsource": "MISC",
+                "name": "https://github.com/hashicorp/go-getter/commit/36b68b2f68a3ed10ee7ecbb0cb9f6b1dc5da49cc"
+            }
+        ]
+    }
+}