diff --git a/2020/13xxx/CVE-2020-13160.json b/2020/13xxx/CVE-2020-13160.json index bc8826f9c8a..ab9375a3458 100644 --- a/2020/13xxx/CVE-2020-13160.json +++ b/2020/13xxx/CVE-2020-13160.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/158291/AnyDesk-GUI-Format-String-Write.html", "url": "http://packetstormsecurity.com/files/158291/AnyDesk-GUI-Format-String-Write.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/161628/AnyDesk-5.5.2-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/161628/AnyDesk-5.5.2-Remote-Code-Execution.html" } ] } diff --git a/2020/13xxx/CVE-2020-13558.json b/2020/13xxx/CVE-2020-13558.json index 00ba671b8ea..d3c65702a0b 100644 --- a/2020/13xxx/CVE-2020-13558.json +++ b/2020/13xxx/CVE-2020-13558.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13558", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Webkit", + "version": { + "version_data": [ + { + "version_value": "Webkit WebKitGTK 2.30.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1172", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1172" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free." } ] } diff --git a/2020/28xxx/CVE-2020-28591.json b/2020/28xxx/CVE-2020-28591.json index 17308a50f1c..69925d96b8c 100644 --- a/2020/28xxx/CVE-2020-28591.json +++ b/2020/28xxx/CVE-2020-28591.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-28591", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Slic3r", + "version": { + "version_data": [ + { + "version_value": "Slic3r libslic3r 1.3.0 , Slic3r libslic3r Master Commit 92abbc42" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "out of bounds read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1215", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1215" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability." } ] } diff --git a/2020/28xxx/CVE-2020-28597.json b/2020/28xxx/CVE-2020-28597.json index dbcc4726162..d46616a30ec 100644 --- a/2020/28xxx/CVE-2020-28597.json +++ b/2020/28xxx/CVE-2020-28597.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-28597", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Epignosis", + "version": { + "version_data": [ + { + "version_value": "Epignosis eFront LMS 5.2.17, Epignosis eFront LMS 5.2.21" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "predictable seed" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1221", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1221" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An attacker can visit the password reset supplying the password reset token to reset the password of an account of their choice." } ] } diff --git a/2020/29xxx/CVE-2020-29047.json b/2020/29xxx/CVE-2020-29047.json index e302a857bb8..731b1d13e8d 100644 --- a/2020/29xxx/CVE-2020-29047.json +++ b/2020/29xxx/CVE-2020-29047.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-29047", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-29047", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpress_hotel_booking_1 cookie in load in includes/class-wphb-sessions.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/wp-hotel-booking/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-hotel-booking/#developers" + }, + { + "refsource": "MISC", + "name": "https://appcheck-ng.com/cve-2020-29047/", + "url": "https://appcheck-ng.com/cve-2020-29047/" } ] } diff --git a/2020/8xxx/CVE-2020-8296.json b/2020/8xxx/CVE-2020-8296.json index 1dbdd6c9488..b241492630a 100644 --- a/2020/8xxx/CVE-2020-8296.json +++ b/2020/8xxx/CVE-2020-8296.json @@ -4,14 +4,73 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-8296", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "support@hackerone.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Nextcloud Server", + "version": { + "version_data": [ + { + "version_value": "Fixed in 20.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Storing Passwords in a Recoverable Format (CWE-257)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://hackerone.com/reports/867164", + "url": "https://hackerone.com/reports/867164" + }, + { + "refsource": "MISC", + "name": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-006", + "url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-006" + }, + { + "refsource": "MISC", + "name": "https://github.com/nextcloud/server/pull/21037", + "url": "https://github.com/nextcloud/server/pull/21037" + }, + { + "refsource": "MISC", + "name": "https://github.com/nextcloud/server/issues/17439", + "url": "https://github.com/nextcloud/server/issues/17439" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured." } ] } diff --git a/2021/20xxx/CVE-2021-20441.json b/2021/20xxx/CVE-2021-20441.json index 68688a1abe5..d82d0c3b105 100644 --- a/2021/20xxx/CVE-2021-20441.json +++ b/2021/20xxx/CVE-2021-20441.json @@ -1,90 +1,90 @@ { - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6421023", - "name" : "https://www.ibm.com/support/pages/node/6421023", - "title" : "IBM Security Bulletin 6421023 (Security Verify Bridge)" - }, - { - "name" : "ibm-svb-cve202120441-info-disc (196617)", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196617" - } - ] - }, - "data_type" : "CVE", - "description" : { - "description_data" : [ - { - "value" : "IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196617.", - "lang" : "eng" - } - ] - }, - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "ID" : "CVE-2021-20441", - "DATE_PUBLIC" : "2021-03-02T00:00:00" - }, - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "data_version" : "4.0", - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "" - } - ] - }, - "product_name" : "Security Verify Bridge" - } - ] - }, - "vendor_name" : "IBM" + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6421023", + "name": "https://www.ibm.com/support/pages/node/6421023", + "title": "IBM Security Bulletin 6421023 (Security Verify Bridge)" + }, + { + "name": "ibm-svb-cve202120441-info-disc (196617)", + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196617" } - ] - } - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "E" : "U", - "RL" : "O" - }, - "BM" : { - "I" : "N", - "SCORE" : "5.900", - "UI" : "N", - "AC" : "H", - "C" : "H", - "PR" : "N", - "AV" : "N", - "S" : "U", - "A" : "N" - } - } - } -} + ] + }, + "data_type": "CVE", + "description": { + "description_data": [ + { + "value": "IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 196617.", + "lang": "eng" + } + ] + }, + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "ID": "CVE-2021-20441", + "DATE_PUBLIC": "2021-03-02T00:00:00" + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "data_version": "4.0", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "" + } + ] + }, + "product_name": "Security Verify Bridge" + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "E": "U", + "RL": "O" + }, + "BM": { + "I": "N", + "SCORE": "5.900", + "UI": "N", + "AC": "H", + "C": "H", + "PR": "N", + "AV": "N", + "S": "U", + "A": "N" + } + } + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20442.json b/2021/20xxx/CVE-2021-20442.json index 532e377448c..50dcb616c0d 100644 --- a/2021/20xxx/CVE-2021-20442.json +++ b/2021/20xxx/CVE-2021-20442.json @@ -1,90 +1,90 @@ { - "description" : { - "description_data" : [ - { - "value" : "IBM Security Verify Bridge contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196618.", - "lang" : "eng" - } - ] - }, - "data_type" : "CVE", - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6421025", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6421025 (Security Verify Bridge)", - "name" : "https://www.ibm.com/support/pages/node/6421025" - }, - { - "name" : "ibm-svb-cve202120442-info-disc (196618)", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196618" - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "AV" : "N", - "A" : "N", - "S" : "U", - "I" : "N", - "UI" : "N", - "AC" : "H", - "SCORE" : "5.900", - "PR" : "N", - "C" : "H" - }, - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "U" - } - } - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "" - } - ] - }, - "product_name" : "Security Verify Bridge" - } - ] - } + "value": "IBM Security Verify Bridge contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196618.", + "lang": "eng" } - ] - } - }, - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + ] + }, + "data_type": "CVE", + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6421025", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6421025 (Security Verify Bridge)", + "name": "https://www.ibm.com/support/pages/node/6421025" + }, + { + "name": "ibm-svb-cve202120442-info-disc (196618)", + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196618" + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "AV": "N", + "A": "N", + "S": "U", + "I": "N", + "UI": "N", + "AC": "H", + "SCORE": "5.900", + "PR": "N", + "C": "H" + }, + "TM": { + "RL": "O", + "RC": "C", + "E": "U" + } + } + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "" + } + ] + }, + "product_name": "Security Verify Bridge" + } + ] + } + } ] - } - ] - }, - "data_format" : "MITRE", - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2021-03-02T00:00:00", - "ID" : "CVE-2021-20442", - "ASSIGNER" : "psirt@us.ibm.com" - } -} + } + }, + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "data_format": "MITRE", + "CVE_data_meta": { + "STATE": "PUBLIC", + "DATE_PUBLIC": "2021-03-02T00:00:00", + "ID": "CVE-2021-20442", + "ASSIGNER": "psirt@us.ibm.com" + } +} \ No newline at end of file diff --git a/2021/21xxx/CVE-2021-21978.json b/2021/21xxx/CVE-2021-21978.json index 5b369e74e38..e8a29e71673 100644 --- a/2021/21xxx/CVE-2021-21978.json +++ b/2021/21xxx/CVE-2021-21978.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21978", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@vmware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "VMware View Planner", + "version": { + "version_data": [ + { + "version_value": "VMware View Planner 4.x prior to 4.6 Security Patch 1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote code execution vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.vmware.com/security/advisories/VMSA-2021-0003.html", + "url": "https://www.vmware.com/security/advisories/VMSA-2021-0003.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the logupload container." } ] } diff --git a/2021/22xxx/CVE-2021-22182.json b/2021/22xxx/CVE-2021-22182.json index 423583e8ddd..fe07ea9fca9 100644 --- a/2021/22xxx/CVE-2021-22182.json +++ b/2021/22xxx/CVE-2021-22182.json @@ -4,15 +4,94 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22182", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@gitlab.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "GitLab", + "product": { + "product_data": [ + { + "product_name": "GitLab", + "version": { + "version_data": [ + { + "version_value": ">=13.8, <13.8.2" + }, + { + "version_value": ">=13.7, <13.7.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper neutralization of input during web page generation ('cross-site scripting') in GitLab" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/280779", + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/280779", + "refsource": "MISC" + }, + { + "name": "https://hackerone.com/reports/1030189", + "url": "https://hackerone.com/reports/1030189", + "refsource": "MISC" + }, + { + "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22182.json", + "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22182.json", + "refsource": "CONFIRM" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue has been discovered in GitLab affecting all versions starting with 13.7. GitLab was vulnerable to a stored XSS in merge request." } ] - } + }, + "impact": { + "cvss": { + "vectorString": "AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "version": "3.1", + "baseScore": 3.5, + "baseSeverity": "LOW" + } + }, + "credit": [ + { + "lang": "eng", + "value": "Thanks [ashish_r_padelkar](https://hackerone.com/ashish_r_padelkar) for reporting this vulnerability through our HackerOne bug bounty program" + } + ] } \ No newline at end of file diff --git a/2021/22xxx/CVE-2021-22188.json b/2021/22xxx/CVE-2021-22188.json index 879c2bc4f08..c57624939ca 100644 --- a/2021/22xxx/CVE-2021-22188.json +++ b/2021/22xxx/CVE-2021-22188.json @@ -4,15 +4,97 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22188", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@gitlab.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "GitLab", + "product": { + "product_data": [ + { + "product_name": "GitLab", + "version": { + "version_data": [ + { + "version_value": ">=13.8, <13.8.4" + }, + { + "version_value": ">=13.7, <13.7.7" + }, + { + "version_value": ">=13.0, <13.6.7" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information exposure in GitLab" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/227040", + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/227040", + "refsource": "MISC" + }, + { + "name": "https://hackerone.com/reports/916340", + "url": "https://hackerone.com/reports/916340", + "refsource": "MISC" + }, + { + "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22188.json", + "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22188.json", + "refsource": "CONFIRM" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in Gitlab were readable by an unauthorised user via branch logs." } ] - } + }, + "impact": { + "cvss": { + "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "version": "3.1", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + }, + "credit": [ + { + "lang": "eng", + "value": "Thanks aemirercin for reporting this vulnerability through our HackerOne bug bounty program" + } + ] } \ No newline at end of file diff --git a/2021/22xxx/CVE-2021-22681.json b/2021/22xxx/CVE-2021-22681.json index 73f60f778b5..d7b0cb6989d 100644 --- a/2021/22xxx/CVE-2021-22681.json +++ b/2021/22xxx/CVE-2021-22681.json @@ -4,14 +4,79 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22681", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers", + "version": { + "version_data": [ + { + "version_value": "RSLogix 5000 Versions 16 through 20" + }, + { + "version_value": "Studio 5000 Logix Designer: Versions 21 and later" + }, + { + "version_value": "CompactLogix 1768, 1769, 5370, 5380, 5480" + }, + { + "version_value": "ControlLogix 5550, 5560, 5570, 5580" + }, + { + "version_value": "DriveLogix 5560, 5730, 1794-L34" + }, + { + "version_value": "Compact GuardLogix 5370, 5380" + }, + { + "version_value": "GuardLogix 5570, 5580" + }, + { + "version_value": "SoftLogix 5800" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficiently Protected Credentials CWE-522" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-056-03" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio 5000 Logix Designer Versions 21 and later and RSLogix 5000: Versions 16 through 20 are vulnerable because an unauthenticated attacker could bypass this verification mechanism and authenticate with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800." } ] } diff --git a/2021/22xxx/CVE-2021-22877.json b/2021/22xxx/CVE-2021-22877.json index 235538994a7..139bb01d39a 100644 --- a/2021/22xxx/CVE-2021-22877.json +++ b/2021/22xxx/CVE-2021-22877.json @@ -4,14 +4,73 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22877", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "support@hackerone.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Nextcloud Server", + "version": { + "version_data": [ + { + "version_value": "Fixed in 20.0.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Control - Generic (CWE-284)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://hackerone.com/reports/1061591", + "url": "https://hackerone.com/reports/1061591" + }, + { + "refsource": "MISC", + "name": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-004", + "url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-004" + }, + { + "refsource": "MISC", + "name": "https://github.com/nextcloud/server/issues/24600", + "url": "https://github.com/nextcloud/server/issues/24600" + }, + { + "refsource": "MISC", + "name": "https://github.com/nextcloud/server/pull/25224", + "url": "https://github.com/nextcloud/server/pull/25224" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users external storage configuration when not already configured yet." } ] } diff --git a/2021/22xxx/CVE-2021-22878.json b/2021/22xxx/CVE-2021-22878.json index c278d5032c4..c6be9d6488d 100644 --- a/2021/22xxx/CVE-2021-22878.json +++ b/2021/22xxx/CVE-2021-22878.json @@ -4,14 +4,68 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22878", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "support@hackerone.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Nextcloud Server", + "version": { + "version_data": [ + { + "version_value": "Fixed in 20.0.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site Scripting (XSS) - Reflected (CWE-79)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://hackerone.com/reports/896522", + "url": "https://hackerone.com/reports/896522" + }, + { + "refsource": "MISC", + "name": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-005", + "url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-005" + }, + { + "refsource": "MISC", + "name": "https://github.com/nextcloud/server/pull/25234", + "url": "https://github.com/nextcloud/server/pull/25234" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site scripting (XSS) due to lack of sanitization in `OC.Notification.show`." } ] } diff --git a/2021/22xxx/CVE-2021-22883.json b/2021/22xxx/CVE-2021-22883.json index 5f3950f7997..2cf8e4ebc5c 100644 --- a/2021/22xxx/CVE-2021-22883.json +++ b/2021/22xxx/CVE-2021-22883.json @@ -4,14 +4,63 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22883", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "support@hackerone.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "https://github.com/nodejs/node", + "version": { + "version_data": [ + { + "version_value": "Fixed in 10.24.0, 12.21.0, 14.16.0, 15.10.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service (CWE-400)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/", + "url": "https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/" + }, + { + "refsource": "MISC", + "name": "https://hackerone.com/reports/1043360", + "url": "https://hackerone.com/reports/1043360" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory." } ] } diff --git a/2021/22xxx/CVE-2021-22884.json b/2021/22xxx/CVE-2021-22884.json index 2db40f303d7..cc788ae965e 100644 --- a/2021/22xxx/CVE-2021-22884.json +++ b/2021/22xxx/CVE-2021-22884.json @@ -4,14 +4,68 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22884", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "support@hackerone.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "https://github.com/nodejs/node", + "version": { + "version_data": [ + { + "version_value": "Fixed in 10.24.0, 12.21.0, 14.16.0, 15.10.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Reliance on Reverse DNS Resolution for a Security-Critical Action (CWE-350)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://hackerone.com/reports/1069487", + "url": "https://hackerone.com/reports/1069487" + }, + { + "refsource": "MISC", + "name": "https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/", + "url": "https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/" + }, + { + "refsource": "MISC", + "name": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160", + "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes \u201clocalhost6\u201d. When \u201clocalhost6\u201d is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the \u201clocalhost6\u201d domain. As long as the attacker uses the \u201clocalhost6\u201d domain, they can still apply the attack described in CVE-2018-7160." } ] } diff --git a/2021/27xxx/CVE-2021-27804.json b/2021/27xxx/CVE-2021-27804.json index de1fe305978..4e815d941f8 100644 --- a/2021/27xxx/CVE-2021-27804.json +++ b/2021/27xxx/CVE-2021-27804.json @@ -66,6 +66,11 @@ "refsource": "FULLDISC", "name": "20210302 Multiple Vulnerabilities in jpeg-xl (CVE-2021-27804)", "url": "http://seclists.org/fulldisclosure/2021/Mar/2" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/161623/jpeg-xl-0.3.1-Memory-Corruption.html", + "url": "http://packetstormsecurity.com/files/161623/jpeg-xl-0.3.1-Memory-Corruption.html" } ] }