diff --git a/2021/23xxx/CVE-2021-23414.json b/2021/23xxx/CVE-2021-23414.json index d12867dc18e..0d7527b79d6 100644 --- a/2021/23xxx/CVE-2021-23414.json +++ b/2021/23xxx/CVE-2021-23414.json @@ -66,6 +66,21 @@ "refsource": "MISC", "url": "https://github.com/videojs/video.js/commit/b3acf663641fca0f7a966525a72845af7ec5fab2", "name": "https://github.com/videojs/video.js/commit/b3acf663641fca0f7a966525a72845af7ec5fab2" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-f7fdcb1820", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-cb7084ae1c", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-74a9c8e95f", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/" } ] }, diff --git a/2022/37xxx/CVE-2022-37406.json b/2022/37xxx/CVE-2022-37406.json index 55568a48cc6..a9b81fa6e4d 100644 --- a/2022/37xxx/CVE-2022-37406.json +++ b/2022/37xxx/CVE-2022-37406.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-37406", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,13 +45,19 @@ "references": { "reference_data": [ { - "url": "https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/sp42/sp42.htm" + "url": "https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/sp42/sp42.htm", + "refsource": "MISC", + "name": "https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/sp42/sp42.htm" }, { - "url": "https://support.ricoh.com/bbv2/html/dr_ut_d/ipsio/history/w/bb/pub_j/dr_ut_d/4101044/4101044791/V101/5236968/redirect_CLUTool_DOM/history.htm" + "url": "https://support.ricoh.com/bbv2/html/dr_ut_d/ipsio/history/w/bb/pub_j/dr_ut_d/4101044/4101044791/V101/5236968/redirect_CLUTool_DOM/history.htm", + "refsource": "MISC", + "name": "https://support.ricoh.com/bbv2/html/dr_ut_d/ipsio/history/w/bb/pub_j/dr_ut_d/4101044/4101044791/V101/5236968/redirect_CLUTool_DOM/history.htm" }, { - "url": "https://jvn.jp/en/jp/JVN24659622/index.html" + "url": "https://jvn.jp/en/jp/JVN24659622/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN24659622/index.html" } ] }, diff --git a/2022/41xxx/CVE-2022-41325.json b/2022/41xxx/CVE-2022-41325.json index 1022dbd6c8c..7012437a0c3 100644 --- a/2022/41xxx/CVE-2022-41325.json +++ b/2022/41xxx/CVE-2022-41325.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "https://www.videolan.org/security/sb-vlc3018.html", "url": "https://www.videolan.org/security/sb-vlc3018.html" + }, + { + "refsource": "DEBIAN", + "name": "DSA-5297", + "url": "https://www.debian.org/security/2022/dsa-5297" } ] } diff --git a/2022/41xxx/CVE-2022-41622.json b/2022/41xxx/CVE-2022-41622.json index 570b5c18520..1ce7448e137 100644 --- a/2022/41xxx/CVE-2022-41622.json +++ b/2022/41xxx/CVE-2022-41622.json @@ -1,17 +1,124 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-41622", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "f5sirt@f5.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "F5", + "product": { + "product_data": [ + { + "product_name": "BIG-IP", + "version": { + "version_data": [ + { + "version_value": "17.x", + "version_affected": "=" + }, + { + "version_value": "16.1.x", + "version_affected": "=" + }, + { + "version_value": "15.1.x", + "version_affected": "=" + }, + { + "version_value": "14.1.x", + "version_affected": "=" + }, + { + "version_value": "13.1.x", + "version_affected": "=" + } + ] + } + }, + { + "product_name": "BIG-IQ Centralized Management", + "version": { + "version_data": [ + { + "version_value": "8.x", + "version_affected": "=" + }, + { + "version_value": "7.1.x", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.f5.com/csp/article/K94221585", + "refsource": "MISC", + "name": "https://support.f5.com/csp/article/K94221585" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "F5 acknowledges Ron Bowes of Rapid7 for bringing this issue to our attention and following the highest standards of coordinated disclosure." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2022/41xxx/CVE-2022-41783.json b/2022/41xxx/CVE-2022-41783.json index d383184af6b..b00abb24391 100644 --- a/2022/41xxx/CVE-2022-41783.json +++ b/2022/41xxx/CVE-2022-41783.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-41783", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://www.tp-link.com/en/support/download/re300/v1/#Firmware" + "url": "https://www.tp-link.com/en/support/download/re300/v1/#Firmware", + "refsource": "MISC", + "name": "https://www.tp-link.com/en/support/download/re300/v1/#Firmware" }, { - "url": "https://jvn.jp/en/jp/JVN29657972/index.html" + "url": "https://jvn.jp/en/jp/JVN29657972/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN29657972/index.html" } ] }, diff --git a/2022/41xxx/CVE-2022-41800.json b/2022/41xxx/CVE-2022-41800.json index 9bc466f5511..fed04b15ded 100644 --- a/2022/41xxx/CVE-2022-41800.json +++ b/2022/41xxx/CVE-2022-41800.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-41800", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "f5sirt@f5.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In all versions of BIG-IP, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", + "cweId": "CWE-77" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "F5", + "product": { + "product_data": [ + { + "product_name": "BIG-IP", + "version": { + "version_data": [ + { + "version_value": "17.0.x", + "version_affected": "=" + }, + { + "version_value": "16.1.x", + "version_affected": "=" + }, + { + "version_value": "15.1.x", + "version_affected": "=" + }, + { + "version_value": "14.1.x", + "version_affected": "=" + }, + { + "version_value": "13.1.x", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.f5.com/csp/article/K13325942", + "refsource": "MISC", + "name": "https://support.f5.com/csp/article/K13325942" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "F5 acknowledges Ron Bowes of Rapid7 for bringing this issue to our attention and following the highest standards of coordinated disclosure." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2022/41xxx/CVE-2022-41994.json b/2022/41xxx/CVE-2022-41994.json index 63fb8182fdf..06db3e98eb6 100644 --- a/2022/41xxx/CVE-2022-41994.json +++ b/2022/41xxx/CVE-2022-41994.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-41994", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://basercms.net/security/JVN_53682526" + "url": "https://basercms.net/security/JVN_53682526", + "refsource": "MISC", + "name": "https://basercms.net/security/JVN_53682526" }, { - "url": "https://jvn.jp/en/jp/JVN53682526/index.html" + "url": "https://jvn.jp/en/jp/JVN53682526/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN53682526/index.html" } ] }, diff --git a/2022/42xxx/CVE-2022-42486.json b/2022/42xxx/CVE-2022-42486.json index 84381899f51..2d11d4d3a34 100644 --- a/2022/42xxx/CVE-2022-42486.json +++ b/2022/42xxx/CVE-2022-42486.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-42486", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://basercms.net/security/JVN_53682526" + "url": "https://basercms.net/security/JVN_53682526", + "refsource": "MISC", + "name": "https://basercms.net/security/JVN_53682526" }, { - "url": "https://jvn.jp/en/jp/JVN53682526/index.html" + "url": "https://jvn.jp/en/jp/JVN53682526/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN53682526/index.html" } ] }, diff --git a/2022/42xxx/CVE-2022-42700.json b/2022/42xxx/CVE-2022-42700.json new file mode 100644 index 00000000000..af6684731f6 --- /dev/null +++ b/2022/42xxx/CVE-2022-42700.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-42700", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/42xxx/CVE-2022-42879.json b/2022/42xxx/CVE-2022-42879.json new file mode 100644 index 00000000000..822ec8ea039 --- /dev/null +++ b/2022/42xxx/CVE-2022-42879.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-42879", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/43xxx/CVE-2022-43464.json b/2022/43xxx/CVE-2022-43464.json index 529f3b130fa..bcb2aac515d 100644 --- a/2022/43xxx/CVE-2022-43464.json +++ b/2022/43xxx/CVE-2022-43464.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-43464", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418" + "url": "http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418", + "refsource": "MISC", + "name": "http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418" }, { - "url": "https://jvn.jp/en/vu/JVNVU94514762/index.html" + "url": "https://jvn.jp/en/vu/JVNVU94514762/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/vu/JVNVU94514762/index.html" } ] }, diff --git a/2022/43xxx/CVE-2022-43468.json b/2022/43xxx/CVE-2022-43468.json index b6af4a89e0f..de0d73ae953 100644 --- a/2022/43xxx/CVE-2022-43468.json +++ b/2022/43xxx/CVE-2022-43468.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-43468", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,13 +45,19 @@ "references": { "reference_data": [ { - "url": "https://wordpress.org/plugins/wordpress-popular-posts/" + "url": "https://wordpress.org/plugins/wordpress-popular-posts/", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wordpress-popular-posts/" }, { - "url": "https://github.com/cabrerahector/wordpress-popular-posts/" + "url": "https://github.com/cabrerahector/wordpress-popular-posts/", + "refsource": "MISC", + "name": "https://github.com/cabrerahector/wordpress-popular-posts/" }, { - "url": "https://jvn.jp/en/jp/JVN13927745/index.html" + "url": "https://jvn.jp/en/jp/JVN13927745/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN13927745/index.html" } ] }, diff --git a/2022/43xxx/CVE-2022-43474.json b/2022/43xxx/CVE-2022-43474.json new file mode 100644 index 00000000000..a14e1f2832a --- /dev/null +++ b/2022/43xxx/CVE-2022-43474.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-43474", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/43xxx/CVE-2022-43498.json b/2022/43xxx/CVE-2022-43498.json new file mode 100644 index 00000000000..dee51b5209b --- /dev/null +++ b/2022/43xxx/CVE-2022-43498.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-43498", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/43xxx/CVE-2022-43502.json b/2022/43xxx/CVE-2022-43502.json new file mode 100644 index 00000000000..874175557ac --- /dev/null +++ b/2022/43xxx/CVE-2022-43502.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-43502", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/43xxx/CVE-2022-43508.json b/2022/43xxx/CVE-2022-43508.json index edf25495570..c7ce0d3e4fd 100644 --- a/2022/43xxx/CVE-2022-43508.json +++ b/2022/43xxx/CVE-2022-43508.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-43508", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://jvn.jp/en/vu/JVNVU92877622/index.html" + "url": "https://jvn.jp/en/vu/JVNVU92877622/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/vu/JVNVU92877622/index.html" }, { - "url": "https://jvn.jp/vu/JVNVU92877622/index.html" + "url": "https://jvn.jp/vu/JVNVU92877622/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/vu/JVNVU92877622/index.html" } ] }, diff --git a/2022/43xxx/CVE-2022-43509.json b/2022/43xxx/CVE-2022-43509.json index 1b43a33510d..7faafade37b 100644 --- a/2022/43xxx/CVE-2022-43509.json +++ b/2022/43xxx/CVE-2022-43509.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-43509", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://jvn.jp/en/vu/JVNVU92877622/index.html" + "url": "https://jvn.jp/en/vu/JVNVU92877622/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/vu/JVNVU92877622/index.html" }, { - "url": "https://jvn.jp/vu/JVNVU92877622/index.html" + "url": "https://jvn.jp/vu/JVNVU92877622/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/vu/JVNVU92877622/index.html" } ] }, diff --git a/2022/43xxx/CVE-2022-43660.json b/2022/43xxx/CVE-2022-43660.json index 697bc22860d..af2c0621a83 100644 --- a/2022/43xxx/CVE-2022-43660.json +++ b/2022/43xxx/CVE-2022-43660.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-43660", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://movabletype.org/news/2022/11/mt-796-688-released.html" + "url": "https://movabletype.org/news/2022/11/mt-796-688-released.html", + "refsource": "MISC", + "name": "https://movabletype.org/news/2022/11/mt-796-688-released.html" }, { - "url": "https://jvn.jp/en/jp/JVN37014768/index.html" + "url": "https://jvn.jp/en/jp/JVN37014768/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN37014768/index.html" } ] }, diff --git a/2022/43xxx/CVE-2022-43667.json b/2022/43xxx/CVE-2022-43667.json index abaf3d84787..c4d7aa17e34 100644 --- a/2022/43xxx/CVE-2022-43667.json +++ b/2022/43xxx/CVE-2022-43667.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-43667", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://jvn.jp/en/vu/JVNVU92877622/index.html" + "url": "https://jvn.jp/en/vu/JVNVU92877622/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/vu/JVNVU92877622/index.html" }, { - "url": "https://jvn.jp/vu/JVNVU92877622/index.html" + "url": "https://jvn.jp/vu/JVNVU92877622/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/vu/JVNVU92877622/index.html" } ] }, diff --git a/2022/43xxx/CVE-2022-43668.json b/2022/43xxx/CVE-2022-43668.json index 54c92826257..6841b506b53 100644 --- a/2022/43xxx/CVE-2022-43668.json +++ b/2022/43xxx/CVE-2022-43668.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-43668", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://typora.io/releases/all" + "url": "https://typora.io/releases/all", + "refsource": "MISC", + "name": "https://typora.io/releases/all" }, { - "url": "https://jvn.jp/en/jp/JVN26044739/index.html" + "url": "https://jvn.jp/en/jp/JVN26044739/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN26044739/index.html" } ] }, diff --git a/2022/44xxx/CVE-2022-44606.json b/2022/44xxx/CVE-2022-44606.json index 922bdb85083..1132f52471a 100644 --- a/2022/44xxx/CVE-2022-44606.json +++ b/2022/44xxx/CVE-2022-44606.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-44606", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418" + "url": "http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418", + "refsource": "MISC", + "name": "http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418" }, { - "url": "https://jvn.jp/en/vu/JVNVU94514762/index.html" + "url": "https://jvn.jp/en/vu/JVNVU94514762/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/vu/JVNVU94514762/index.html" } ] }, diff --git a/2022/44xxx/CVE-2022-44607.json b/2022/44xxx/CVE-2022-44607.json new file mode 100644 index 00000000000..017e5849295 --- /dev/null +++ b/2022/44xxx/CVE-2022-44607.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-44607", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/44xxx/CVE-2022-44608.json b/2022/44xxx/CVE-2022-44608.json index 4f5f241253a..df060cdd676 100644 --- a/2022/44xxx/CVE-2022-44608.json +++ b/2022/44xxx/CVE-2022-44608.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-44608", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://cs.cybozu.co.jp/2022/007754.html" + "url": "https://cs.cybozu.co.jp/2022/007754.html", + "refsource": "MISC", + "name": "https://cs.cybozu.co.jp/2022/007754.html" }, { - "url": "https://jvn.jp/en/jp/JVN87895771/index.html" + "url": "https://jvn.jp/en/jp/JVN87895771/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN87895771/index.html" } ] }, diff --git a/2022/44xxx/CVE-2022-44620.json b/2022/44xxx/CVE-2022-44620.json index f8c13a0de2e..a624caacb5f 100644 --- a/2022/44xxx/CVE-2022-44620.json +++ b/2022/44xxx/CVE-2022-44620.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-44620", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418" + "url": "http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418", + "refsource": "MISC", + "name": "http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418" }, { - "url": "https://jvn.jp/en/vu/JVNVU94514762/index.html" + "url": "https://jvn.jp/en/vu/JVNVU94514762/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/vu/JVNVU94514762/index.html" } ] }, diff --git a/2022/45xxx/CVE-2022-45112.json b/2022/45xxx/CVE-2022-45112.json new file mode 100644 index 00000000000..e642e7e6902 --- /dev/null +++ b/2022/45xxx/CVE-2022-45112.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-45112", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/45xxx/CVE-2022-45113.json b/2022/45xxx/CVE-2022-45113.json index f02e0ea04a5..1a7bcbf133b 100644 --- a/2022/45xxx/CVE-2022-45113.json +++ b/2022/45xxx/CVE-2022-45113.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-45113", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://movabletype.org/news/2022/11/mt-796-688-released.html" + "url": "https://movabletype.org/news/2022/11/mt-796-688-released.html", + "refsource": "MISC", + "name": "https://movabletype.org/news/2022/11/mt-796-688-released.html" }, { - "url": "https://jvn.jp/en/jp/JVN37014768/index.html" + "url": "https://jvn.jp/en/jp/JVN37014768/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN37014768/index.html" } ] }, diff --git a/2022/45xxx/CVE-2022-45122.json b/2022/45xxx/CVE-2022-45122.json index 7b2ad47d412..012abaae38c 100644 --- a/2022/45xxx/CVE-2022-45122.json +++ b/2022/45xxx/CVE-2022-45122.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-45122", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://movabletype.org/news/2022/11/mt-796-688-released.html" + "url": "https://movabletype.org/news/2022/11/mt-796-688-released.html", + "refsource": "MISC", + "name": "https://movabletype.org/news/2022/11/mt-796-688-released.html" }, { - "url": "https://jvn.jp/en/jp/JVN37014768/index.html" + "url": "https://jvn.jp/en/jp/JVN37014768/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN37014768/index.html" } ] }, diff --git a/2022/45xxx/CVE-2022-45149.json b/2022/45xxx/CVE-2022-45149.json index fd6b1223368..90132456bdd 100644 --- a/2022/45xxx/CVE-2022-45149.json +++ b/2022/45xxx/CVE-2022-45149.json @@ -58,6 +58,21 @@ "refsource": "MISC", "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75862", "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75862" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-f7fdcb1820", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-cb7084ae1c", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-74a9c8e95f", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/" } ] }, diff --git a/2022/45xxx/CVE-2022-45150.json b/2022/45xxx/CVE-2022-45150.json index ecce94abdd3..c835e82bbdb 100644 --- a/2022/45xxx/CVE-2022-45150.json +++ b/2022/45xxx/CVE-2022-45150.json @@ -58,6 +58,21 @@ "refsource": "MISC", "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76091", "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76091" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-f7fdcb1820", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-cb7084ae1c", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-74a9c8e95f", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/" } ] }, diff --git a/2022/45xxx/CVE-2022-45151.json b/2022/45xxx/CVE-2022-45151.json index 789becbf7c0..2097b0b183b 100644 --- a/2022/45xxx/CVE-2022-45151.json +++ b/2022/45xxx/CVE-2022-45151.json @@ -58,6 +58,21 @@ "refsource": "MISC", "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76131", "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76131" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-f7fdcb1820", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-cb7084ae1c", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-74a9c8e95f", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/" } ] }, diff --git a/2022/45xxx/CVE-2022-45152.json b/2022/45xxx/CVE-2022-45152.json index 51f5c46b808..a70df2c300b 100644 --- a/2022/45xxx/CVE-2022-45152.json +++ b/2022/45xxx/CVE-2022-45152.json @@ -58,6 +58,21 @@ "refsource": "MISC", "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71920", "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71920" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-f7fdcb1820", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-cb7084ae1c", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-74a9c8e95f", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/" } ] }, diff --git a/2022/46xxx/CVE-2022-46279.json b/2022/46xxx/CVE-2022-46279.json new file mode 100644 index 00000000000..879417e5322 --- /dev/null +++ b/2022/46xxx/CVE-2022-46279.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-46279", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/46xxx/CVE-2022-46645.json b/2022/46xxx/CVE-2022-46645.json new file mode 100644 index 00000000000..44c16ba1382 --- /dev/null +++ b/2022/46xxx/CVE-2022-46645.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-46645", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/46xxx/CVE-2022-46656.json b/2022/46xxx/CVE-2022-46656.json new file mode 100644 index 00000000000..53499b28e22 --- /dev/null +++ b/2022/46xxx/CVE-2022-46656.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-46656", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/4xxx/CVE-2022-4141.json b/2022/4xxx/CVE-2022-4141.json index b962090bb8b..6b0da907078 100644 --- a/2022/4xxx/CVE-2022-4141.json +++ b/2022/4xxx/CVE-2022-4141.json @@ -1,89 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2022-4141", - "STATE": "PUBLIC", - "TITLE": "Heap-based Buffer Overflow in vim/vim" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "vim/vim", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "9.0.0947" - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2022-4141", + "STATE": "PUBLIC", + "TITLE": "Heap-based Buffer Overflow in vim/vim" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "vim/vim", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "9.0.0947" + } + ] + } + } + ] + }, + "vendor_name": "vim" } - } ] - }, - "vendor_name": "vim" } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command." - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.3, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-122 Heap-based Buffer Overflow" - } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f" - }, - { - "name": "https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5", - "refsource": "MISC", - "url": "https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5" - } - ] - }, - "source": { - "advisory": "20ece512-c600-45ac-8a84-d0931e05541f", - "discovery": "EXTERNAL" - } -} + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122 Heap-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f" + }, + { + "name": "https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5", + "refsource": "MISC", + "url": "https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-1e14f3ae45", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AZ3JMSUCR6Y7626RDWQ2HNSUFIQOJ33G/" + } + ] + }, + "source": { + "advisory": "20ece512-c600-45ac-8a84-d0931e05541f", + "discovery": "EXTERNAL" + } +} \ No newline at end of file diff --git a/2022/4xxx/CVE-2022-4320.json b/2022/4xxx/CVE-2022-4320.json new file mode 100644 index 00000000000..1fbb1fa88f3 --- /dev/null +++ b/2022/4xxx/CVE-2022-4320.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-4320", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file