From 6e77e49f83cd5bf5ffed54ed601d8e0b1c83dd26 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 15 Jan 2020 07:01:16 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/16xxx/CVE-2019-16775.json | 5 +++ 2019/16xxx/CVE-2019-16776.json | 5 +++ 2019/16xxx/CVE-2019-16777.json | 5 +++ 2019/18xxx/CVE-2019-18388.json | 5 +++ 2019/18xxx/CVE-2019-18389.json | 5 +++ 2019/18xxx/CVE-2019-18390.json | 5 +++ 2019/18xxx/CVE-2019-18391.json | 5 +++ 2019/20xxx/CVE-2019-20330.json | 10 ++++++ 2020/7xxx/CVE-2020-7058.json | 56 ++++++++++++++++++++++++++++++---- 9 files changed, 95 insertions(+), 6 deletions(-) diff --git a/2019/16xxx/CVE-2019-16775.json b/2019/16xxx/CVE-2019-16775.json index 9c6cbe414b6..7be6ea0f859 100644 --- a/2019/16xxx/CVE-2019-16775.json +++ b/2019/16xxx/CVE-2019-16775.json @@ -80,6 +80,11 @@ "name": "https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli", "refsource": "MISC", "url": "https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0059", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html" } ] }, diff --git a/2019/16xxx/CVE-2019-16776.json b/2019/16xxx/CVE-2019-16776.json index 7ed553dca88..6a76e8aea24 100644 --- a/2019/16xxx/CVE-2019-16776.json +++ b/2019/16xxx/CVE-2019-16776.json @@ -80,6 +80,11 @@ "name": "https://github.com/npm/cli/security/advisories/GHSA-x8qc-rrcw-4r46", "refsource": "CONFIRM", "url": "https://github.com/npm/cli/security/advisories/GHSA-x8qc-rrcw-4r46" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0059", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html" } ] }, diff --git a/2019/16xxx/CVE-2019-16777.json b/2019/16xxx/CVE-2019-16777.json index 22c6e705297..ef131daecfc 100644 --- a/2019/16xxx/CVE-2019-16777.json +++ b/2019/16xxx/CVE-2019-16777.json @@ -80,6 +80,11 @@ "name": "https://github.com/npm/cli/security/advisories/GHSA-4328-8hgf-7wjr", "refsource": "CONFIRM", "url": "https://github.com/npm/cli/security/advisories/GHSA-4328-8hgf-7wjr" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0059", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html" } ] }, diff --git a/2019/18xxx/CVE-2019-18388.json b/2019/18xxx/CVE-2019-18388.json index 81fffab49c1..341fe6c0e64 100644 --- a/2019/18xxx/CVE-2019-18388.json +++ b/2019/18xxx/CVE-2019-18388.json @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1765578", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1765578" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0058", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html" } ] } diff --git a/2019/18xxx/CVE-2019-18389.json b/2019/18xxx/CVE-2019-18389.json index abbeb037faf..50284dbc167 100644 --- a/2019/18xxx/CVE-2019-18389.json +++ b/2019/18xxx/CVE-2019-18389.json @@ -71,6 +71,11 @@ "refsource": "REDHAT", "name": "Red Hat", "url": "https://access.redhat.com/security/cve/cve-2019-18389" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0058", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html" } ] } diff --git a/2019/18xxx/CVE-2019-18390.json b/2019/18xxx/CVE-2019-18390.json index 971ff6cc29d..99ce0e188f9 100644 --- a/2019/18xxx/CVE-2019-18390.json +++ b/2019/18xxx/CVE-2019-18390.json @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1765584", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1765584" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0058", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html" } ] } diff --git a/2019/18xxx/CVE-2019-18391.json b/2019/18xxx/CVE-2019-18391.json index 47d56e25864..b45bc581846 100644 --- a/2019/18xxx/CVE-2019-18391.json +++ b/2019/18xxx/CVE-2019-18391.json @@ -71,6 +71,11 @@ "refsource": "REDHAT", "name": "Red Hat", "url": "https://access.redhat.com/security/cve/cve-2019-18391" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0058", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html" } ] } diff --git a/2019/20xxx/CVE-2019-20330.json b/2019/20xxx/CVE-2019-20330.json index c4935447fb7..fa7647c0dc7 100644 --- a/2019/20xxx/CVE-2019-20330.json +++ b/2019/20xxx/CVE-2019-20330.json @@ -66,6 +66,16 @@ "refsource": "MLIST", "name": "[druid-commits] 20200114 [GitHub] [druid] ccaominh opened a new pull request #9189: Suppress CVE-2019-20330 for htrace-core-4.0.1", "url": "https://lists.apache.org/thread.html/rd6c6fef14944f3dcfb58d35f9317eb1c32a700e86c1b5231e45d3d0b@%3Ccommits.druid.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[druid-commits] 20200115 [GitHub] [druid] clintropolis merged pull request #9189: Suppress CVE-2019-20330 for htrace-core-4.0.1", + "url": "https://lists.apache.org/thread.html/rb532fed78d031fff477fd840b81946f6d1200f93a63698dae65aa528@%3Ccommits.druid.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[druid-commits] 20200115 [GitHub] [druid] ccaominh opened a new pull request #9191: [Backport] Suppress CVE-2019-20330 for htrace-core-4.0.1 (#9189)", + "url": "https://lists.apache.org/thread.html/r5c3644c97f0434d1ceb48ff48897a67bdbf3baf7efbe7d04625425b3@%3Ccommits.druid.apache.org%3E" } ] } diff --git a/2020/7xxx/CVE-2020-7058.json b/2020/7xxx/CVE-2020-7058.json index 7e47797b66e..febc642ac5a 100644 --- a/2020/7xxx/CVE-2020-7058.json +++ b/2020/7xxx/CVE-2020-7058.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-7058", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-7058", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** DISPUTED ** data_input.php in Cacti 1.2.8 allows remote code execution via a crafted Input String to Data Collection -> Data Input Methods -> Unix -> Ping Host. NOTE: the vendor has stated \"This is a false alarm.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Cacti/cacti/issues/3186", + "refsource": "MISC", + "name": "https://github.com/Cacti/cacti/issues/3186" } ] }