admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-06-03 23:01:29 +00:00
parent 8f5f1c5795
commit 784f832b2a
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
25 changed files with 206 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2011/1xxx/CVE-2011-1805.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2011-1805", "ID": "CVE-2011-1805",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,7 +46,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/82633" "url": "https://crbug.com/82633",
"refsource": "MISC",
"name": "https://crbug.com/82633"
} }
] ]
}, },

7
2011/2xxx/CVE-2011-2863.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2011-2863", "ID": "CVE-2011-2863",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,7 +46,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/93759" "url": "https://crbug.com/93759",
"refsource": "MISC",
"name": "https://crbug.com/93759"
} }
] ]
}, },

2
2020/11xxx/CVE-2020-11080.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service.\n\nThe proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%.\n\nnghttp2 v1.41.0 fixes this vulnerability.\n\nThere is a workaround to this vulnerability.\nImplement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the number of settings entries are large (e.g., > 32), then drop the connection." "value": "In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the number of settings entries are large (e.g., > 32), then drop the connection."
} }
] ]
}, },

2
2020/11xxx/CVE-2020-11091.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service.\n\nIn a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host (via ipv6.disable=1 on the kernel cmdline), it will be either unconfigured or configured on some interfaces, but it's pretty likely that ipv6 forwarding is disabled, ie /proc/sys/net/ipv6/conf//forwarding == 0. Also by default, /proc/sys/net/ipv6/conf//accept_ra == 1. The combination of these 2 sysctls means that the host accepts router advertisements and configure the IPv6 stack using them.\n\nBy sending rogue router advertisements, an attacker can reconfigure the host to redirect part or all of the IPv6 traffic of the host to the attacker controlled container.\nEven if there was no IPv6 traffic before, if the DNS returns A (IPv4) and AAAA (IPv6) records, many HTTP libraries will try to connect via IPv6 first then fallback to IPv4, giving an opportunity to the attacker to respond.\nIf by chance you also have on the host a vulnerability like last year's RCE in apt (CVE-2019-3462), you can now escalate to the host.\n\nWeave Net version 2.6.3 disables the accept_ra option on the veth devices that it creates." "value": "In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host (via ipv6.disable=1 on the kernel cmdline), it will be either unconfigured or configured on some interfaces, but it's pretty likely that ipv6 forwarding is disabled, ie /proc/sys/net/ipv6/conf//forwarding == 0. Also by default, /proc/sys/net/ipv6/conf//accept_ra == 1. The combination of these 2 sysctls means that the host accepts router advertisements and configure the IPv6 stack using them. By sending rogue router advertisements, an attacker can reconfigure the host to redirect part or all of the IPv6 traffic of the host to the attacker controlled container. Even if there was no IPv6 traffic before, if the DNS returns A (IPv4) and AAAA (IPv6) records, many HTTP libraries will try to connect via IPv6 first then fallback to IPv4, giving an opportunity to the attacker to respond. If by chance you also have on the host a vulnerability like last year's RCE in apt (CVE-2019-3462), you can now escalate to the host. Weave Net version 2.6.3 disables the accept_ra option on the veth devices that it creates."
} }
] ]
}, },

18
2020/13xxx/CVE-2020-13799.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13799",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/13xxx/CVE-2020-13800.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13800",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/13xxx/CVE-2020-13801.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13801",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/13xxx/CVE-2020-13802.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-13802",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

12
2020/5xxx/CVE-2020-5296.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466,\nan attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server.\nThe vulnerability is only exploitable by an authenticated backend user with the `cms.manage_assets` permission.\n\nIssue has been patched in Build 466 (v1.0.466)." "value": "In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the `cms.manage_assets` permission. Issue has been patched in Build 466 (v1.0.466)."
} }
] ]
}, },
@ -69,15 +69,15 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"name": "https://github.com/octobercms/october/security/advisories/GHSA-jv6v-fvvx-4932",
"refsource": "CONFIRM",
"url": "https://github.com/octobercms/october/security/advisories/GHSA-jv6v-fvvx-4932"
},
{ {
"name": "https://github.com/octobercms/october/commit/2b8939cc8b5b6fe81e093fe2c9f883ada4e3c8cc", "name": "https://github.com/octobercms/october/commit/2b8939cc8b5b6fe81e093fe2c9f883ada4e3c8cc",
"refsource": "MISC", "refsource": "MISC",
"url": "https://github.com/octobercms/october/commit/2b8939cc8b5b6fe81e093fe2c9f883ada4e3c8cc" "url": "https://github.com/octobercms/october/commit/2b8939cc8b5b6fe81e093fe2c9f883ada4e3c8cc"
},
{
"name": "https://github.com/octobercms/october/security/advisories/GHSA-jv6v-fvvx-4932",
"refsource": "CONFIRM",
"url": "https://github.com/octobercms/october/security/advisories/GHSA-jv6v-fvvx-4932"
} }
] ]
}, },

2
2020/5xxx/CVE-2020-5297.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with\nthe `cms.manage_assets` permission.\n\nIssue has been patched in Build 466 (v1.0.466)." "value": "In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the `cms.manage_assets` permission. Issue has been patched in Build 466 (v1.0.466)."
} }
] ]
}, },

2
2020/5xxx/CVE-2020-5299.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466,\nany users with the ability to modify any data that could eventually be exported as a CSV file from the `ImportExportController`\ncould potentially introduce a CSV injection into the data to cause the generated CSV export file to be malicious.\nThis requires attackers to achieve the following before a successful attack can be completed: \n\n1. Have found a vulnerability in the victims spreadsheet software of choice.\n2. Control data that would potentially be exported through the `ImportExportController` by a theoretical victim.\n3. Convince the victim to export above data as a CSV and run it in vulnerable spreadsheet software while also bypassing any sanity checks by said software.\n\nIssue has been patched in Build 466 (v1.0.466)." "value": "In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, any users with the ability to modify any data that could eventually be exported as a CSV file from the `ImportExportController` could potentially introduce a CSV injection into the data to cause the generated CSV export file to be malicious. This requires attackers to achieve the following before a successful attack can be completed: 1. Have found a vulnerability in the victims spreadsheet software of choice. 2. Control data that would potentially be exported through the `ImportExportController` by a theoretical victim. 3. Convince the victim to export above data as a CSV and run it in vulnerable spreadsheet software while also bypassing any sanity checks by said software. Issue has been patched in Build 466 (v1.0.466)."
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6419.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6419", "ID": "CVE-2020-6419",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/1040325" "url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html" "url": "https://crbug.com/1040325",
"refsource": "MISC",
"name": "https://crbug.com/1040325"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6453.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6453", "ID": "CVE-2020-6453",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/1065094" "url": "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html" "url": "https://crbug.com/1065094",
"refsource": "MISC",
"name": "https://crbug.com/1065094"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6493.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6493", "ID": "CVE-2020-6493",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/1082105" "url": "https://crbug.com/1082105",
"refsource": "MISC",
"name": "https://crbug.com/1082105"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html" "url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6494.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6494", "ID": "CVE-2020-6494",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/1083972" "url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html" "url": "https://crbug.com/1083972",
"refsource": "MISC",
"name": "https://crbug.com/1083972"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6495.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6495", "ID": "CVE-2020-6495",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/1072116" "url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html" "url": "https://crbug.com/1072116",
"refsource": "MISC",
"name": "https://crbug.com/1072116"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6496.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6496", "ID": "CVE-2020-6496",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/1085990" "url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html" "url": "https://crbug.com/1085990",
"refsource": "MISC",
"name": "https://crbug.com/1085990"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6497.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6497", "ID": "CVE-2020-6497",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/1069246" "url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html" "url": "https://crbug.com/1069246",
"refsource": "MISC",
"name": "https://crbug.com/1069246"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6498.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6498", "ID": "CVE-2020-6498",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/1081081" "url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html" "url": "https://crbug.com/1081081",
"refsource": "MISC",
"name": "https://crbug.com/1081081"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6499.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6499", "ID": "CVE-2020-6499",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/999001" "url": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html" "url": "https://crbug.com/999001",
"refsource": "MISC",
"name": "https://crbug.com/999001"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6500.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6500", "ID": "CVE-2020-6500",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/843095" "url": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html" "url": "https://crbug.com/843095",
"refsource": "MISC",
"name": "https://crbug.com/843095"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6501.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6501", "ID": "CVE-2020-6501",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/990581" "url": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html" "url": "https://crbug.com/990581",
"refsource": "MISC",
"name": "https://crbug.com/990581"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6502.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6502", "ID": "CVE-2020-6502",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/785159" "url": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html" "url": "https://crbug.com/785159",
"refsource": "MISC",
"name": "https://crbug.com/785159"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6503.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6503", "ID": "CVE-2020-6503",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/639322" "url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html" "url": "https://crbug.com/639322",
"refsource": "MISC",
"name": "https://crbug.com/639322"
} }
] ]
}, },

11
2020/6xxx/CVE-2020-6504.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-6504", "ID": "CVE-2020-6504",
"ASSIGNER": "chrome-cve-admin@google.com" "ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -45,10 +46,14 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://crbug.com/875503" "url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
}, },
{ {
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html" "url": "https://crbug.com/875503",
"refsource": "MISC",
"name": "https://crbug.com/875503"
} }
] ]
}, },