admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-03-10 19:01:11 +00:00
parent 9b2dfb2dbd
commit 76a276c3c5
No known key found for this signature in database
GPG Key ID: 08789936A25A004E
9 changed files with 26 additions and 263 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
2021/43xxx/CVE-2021-43976.json
View File

@ -76,21 +76,6 @@
"refsource": "DEBIAN",
"name": "DSA-5092",
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
]
}

20
2022/0xxx/CVE-2022-0847.json
View File

@ -19,7 +19,7 @@
"version": {
"version_data": [
{
"version_value": "Linux Kernel 5.17 rc6"
"version_value": "kernel 5.17-rc6"
}
]
}
@ -55,19 +55,9 @@
"url": "https://dirtypipe.cm4all.com/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html"
"refsource": "DEBIAN",
"name": "DSA-5092",
"url": "https://www.debian.org/security/2022/dsa-5092"
}
]
},
@ -75,7 +65,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system."
"value": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.17-rc6."
}
]
}

15
2022/24xxx/CVE-2022-24448.json
View File

@ -76,21 +76,6 @@
"refsource": "DEBIAN",
"name": "DSA-5092",
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
]
}

10
2022/24xxx/CVE-2022-24959.json
View File

@ -66,16 +66,6 @@
"refsource": "DEBIAN",
"name": "DSA-5092",
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
]
}

15
2022/25xxx/CVE-2022-25258.json
View File

@ -76,21 +76,6 @@
"refsource": "DEBIAN",
"name": "DSA-5092",
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
]
}

15
2022/25xxx/CVE-2022-25375.json
View File

@ -76,21 +76,6 @@
"refsource": "DEBIAN",
"name": "DSA-5092",
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
]
}

73
2022/26xxx/CVE-2022-26520.json
View File

@ -1,76 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-26520",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-26520",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor's position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jdbc.postgresql.org/documentation/changelog.html#version_42.3.3",
"refsource": "MISC",
"name": "https://jdbc.postgresql.org/documentation/changelog.html#version_42.3.3"
},
{
"url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-673j-qm5f-xpv8",
"refsource": "MISC",
"name": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-673j-qm5f-xpv8"
},
{
"url": "https://github.com/pgjdbc/pgjdbc/pull/2454/commits/017b929977b4f85795f9ad2fa5de6e80978b8ccc",
"refsource": "MISC",
"name": "https://github.com/pgjdbc/pgjdbc/pull/2454/commits/017b929977b4f85795f9ad2fa5de6e80978b8ccc"
},
{
"url": "https://jdbc.postgresql.org/documentation/head/tomcat.html",
"refsource": "MISC",
"name": "https://jdbc.postgresql.org/documentation/head/tomcat.html"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

63
2022/26xxx/CVE-2022-26661.json
View File

@ -1,66 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-26661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-26661",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An authenticated user can make the server parse a crafted XML SEPA file to access arbitrary files on the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugs.tryton.org/issue11219",
"refsource": "MISC",
"name": "https://bugs.tryton.org/issue11219"
},
{
"url": "https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059",
"refsource": "MISC",
"name": "https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

63
2022/26xxx/CVE-2022-26662.json
View File

@ -1,66 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-26662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-26662",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059",
"refsource": "MISC",
"name": "https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059"
},
{
"url": "https://bugs.tryton.org/issue11244",
"refsource": "MISC",
"name": "https://bugs.tryton.org/issue11244"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}