"-Synchronized-Data."

This commit is contained in:
CVE Team 2021-01-04 12:01:55 +00:00
parent a97f46bcfc
commit 730e88cf31
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
4 changed files with 32 additions and 12 deletions

View File

@ -103,6 +103,11 @@
"refsource": "MLIST",
"name": "[activemq-issues] 20201230 [jira] [Updated] (AMQ-8107) Does ActiveMQ use the affected functionality within Xstream libraries for CVE-2020-26217",
"url": "https://lists.apache.org/thread.html/r826a006fda71cc96fc87b6eca4b5d195f19a292ad36cea501682c38c@%3Cissues.activemq.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[activemq-issues] 20210104 [jira] [Resolved] (AMQ-8107) Does ActiveMQ use the affected functionality within Xstream libraries for CVE-2020-26217",
"url": "https://lists.apache.org/thread.html/r2de526726e7f4db4a7cb91b7355070779f51a84fd985c6529c2f4e9e@%3Cissues.activemq.apache.org%3E"
}
]
},

View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-DJV-1014545"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-DJV-1014545",
"name": "https://snyk.io/vuln/SNYK-JS-DJV-1014545"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/korzio/djv/blob/master/lib/utils/properties.js%23L55"
"refsource": "MISC",
"url": "https://github.com/korzio/djv/blob/master/lib/utils/properties.js%23L55",
"name": "https://github.com/korzio/djv/blob/master/lib/utils/properties.js%23L55"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/korzio/djv/pull/98/files"
"refsource": "MISC",
"url": "https://github.com/korzio/djv/pull/98/files",
"name": "https://github.com/korzio/djv/pull/98/files"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "This affects the package djv before 2.1.4.\n By controlling the schema file, an attacker can run arbitrary JavaScript code on the victim machine.\r\n\r\n"
"value": "This affects the package djv before 2.1.4. By controlling the schema file, an attacker can run arbitrary JavaScript code on the victim machine."
}
]
},

View File

@ -48,12 +48,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-ASCIITABLEJS-1039799"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-ASCIITABLEJS-1039799",
"name": "https://snyk.io/vuln/SNYK-JS-ASCIITABLEJS-1039799"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/victornpb/asciitable.js/pull/1"
"refsource": "MISC",
"url": "https://github.com/victornpb/asciitable.js/pull/1",
"name": "https://github.com/victornpb/asciitable.js/pull/1"
}
]
},
@ -61,7 +63,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package asciitable.js before 1.0.3 are vulnerable to Prototype Pollution via the main function.\r\n\r\n"
"value": "The package asciitable.js before 1.0.3 are vulnerable to Prototype Pollution via the main function."
}
]
},

View File

@ -91,6 +91,16 @@
"name": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"refsource": "MLIST",
"name": "[ws-commits] 20210104 [ws-wss4j] branch master updated: Updating Guava to 30.1 due to CVE-2020-8908",
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[ws-commits] 20210104 [ws-wss4j] branch 2_3_x-fixes updated: Updating Guava to 30.1 due to CVE-2020-8908",
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E"
}
]
},