From 79f45be989146c1592846ec698767c8f33dcefa7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 9 Jun 2022 13:01:29 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/40xxx/CVE-2021-40610.json | 56 ++++++++++++++++++++--- 2021/40xxx/CVE-2021-40668.json | 61 ++++++++++++++++++++++--- 2021/43xxx/CVE-2021-43331.json | 5 +++ 2021/43xxx/CVE-2021-43332.json | 5 +++ 2021/44xxx/CVE-2021-44227.json | 5 +++ 2022/30xxx/CVE-2022-30292.json | 2 +- 2022/31xxx/CVE-2022-31019.json | 82 +++++++++++++++++++++++++++++++--- 2022/31xxx/CVE-2022-31026.json | 82 +++++++++++++++++++++++++++++++--- 2022/31xxx/CVE-2022-31027.json | 77 ++++++++++++++++++++++++++++--- 9 files changed, 344 insertions(+), 31 deletions(-) diff --git a/2021/40xxx/CVE-2021-40610.json b/2021/40xxx/CVE-2021-40610.json index 6e65f46bae1..57ccc5f6976 100644 --- a/2021/40xxx/CVE-2021-40610.json +++ b/2021/40xxx/CVE-2021-40610.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-40610", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-40610", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Emlog Pro v 1.0.4 cross-site scripting (XSS) in Emlog Pro background management." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/blackQvQ/emlog/issues/1", + "refsource": "MISC", + "name": "https://github.com/blackQvQ/emlog/issues/1" } ] } diff --git a/2021/40xxx/CVE-2021-40668.json b/2021/40xxx/CVE-2021-40668.json index ae1c776f453..273ab359c35 100644 --- a/2021/40xxx/CVE-2021-40668.json +++ b/2021/40xxx/CVE-2021-40668.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-40668", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-40668", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Android application HTTP File Server (Version 1.4.1) by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://eddiez.me/path-traversal-in-slowscript-httpfileserver/", + "refsource": "MISC", + "name": "https://eddiez.me/path-traversal-in-slowscript-httpfileserver/" + }, + { + "url": "https://play.google.com/store/apps/details?id=slowscript.httpfileserver", + "refsource": "MISC", + "name": "https://play.google.com/store/apps/details?id=slowscript.httpfileserver" } ] } diff --git a/2021/43xxx/CVE-2021-43331.json b/2021/43xxx/CVE-2021-43331.json index f0d0f92c2bf..79ba06515f0 100644 --- a/2021/43xxx/CVE-2021-43331.json +++ b/2021/43xxx/CVE-2021-43331.json @@ -61,6 +61,11 @@ "refsource": "CONFIRM", "name": "https://mail.python.org/archives/list/mailman-announce@python.org/message/I2X7PSFXIEPLM3UMKZMGOEO3UFYETGRL/", "url": "https://mail.python.org/archives/list/mailman-announce@python.org/message/I2X7PSFXIEPLM3UMKZMGOEO3UFYETGRL/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20220609 [SECURITY] [DLA 3049-1] mailman security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00011.html" } ] } diff --git a/2021/43xxx/CVE-2021-43332.json b/2021/43xxx/CVE-2021-43332.json index 1cba7f29b0b..d790773b253 100644 --- a/2021/43xxx/CVE-2021-43332.json +++ b/2021/43xxx/CVE-2021-43332.json @@ -61,6 +61,11 @@ "refsource": "CONFIRM", "name": "https://mail.python.org/archives/list/mailman-announce@python.org/message/I2X7PSFXIEPLM3UMKZMGOEO3UFYETGRL/", "url": "https://mail.python.org/archives/list/mailman-announce@python.org/message/I2X7PSFXIEPLM3UMKZMGOEO3UFYETGRL/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20220609 [SECURITY] [DLA 3049-1] mailman security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00011.html" } ] } diff --git a/2021/44xxx/CVE-2021-44227.json b/2021/44xxx/CVE-2021-44227.json index 2cbeae95ad1..e785a816ea8 100644 --- a/2021/44xxx/CVE-2021-44227.json +++ b/2021/44xxx/CVE-2021-44227.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://bugs.launchpad.net/mailman/+bug/1952384", "url": "https://bugs.launchpad.net/mailman/+bug/1952384" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20220609 [SECURITY] [DLA 3049-1] mailman security update", + "url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00011.html" } ] }, diff --git a/2022/30xxx/CVE-2022-30292.json b/2022/30xxx/CVE-2022-30292.json index 1b81aa748b2..bfe788a04f9 100644 --- a/2022/30xxx/CVE-2022-30292.json +++ b/2022/30xxx/CVE-2022-30292.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "thread_call in sqbaselib.cpp in SQUIRREL 3.2 lacks a certain sq_reservestack call." + "value": "Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call." } ] }, diff --git a/2022/31xxx/CVE-2022-31019.json b/2022/31xxx/CVE-2022-31019.json index 95ae187a97e..d90e76a2d4b 100644 --- a/2022/31xxx/CVE-2022-31019.json +++ b/2022/31xxx/CVE-2022-31019.json @@ -1,18 +1,88 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-31019", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "DoS Vulnerability in URLEncodedFormDecoder in Vapor" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "vapor", + "version": { + "version_data": [ + { + "version_value": "< 4.61.1" + } + ] + } + } + ] + }, + "vendor_name": "vapor" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vapor is a server-side Swift HTTP web framework. When using automatic content decoding an attacker can craft a request body that can make the server crash with the following request: `curl -d \"array[_0][0][array][_0][0][array]$(for f in $(seq 1100); do echo -n '[_0][0][array]'; done)[string][_0]=hello%20world\" http://localhost:8080/foo`. The issue is unbounded, attacker controlled stack growth which will at some point lead to a stack overflow and a process crash. This issue has been fixed in version 4.61.1." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/vapor/vapor/security/advisories/GHSA-qvxg-wjxc-r4gg", + "refsource": "CONFIRM", + "url": "https://github.com/vapor/vapor/security/advisories/GHSA-qvxg-wjxc-r4gg" + }, + { + "name": "https://github.com/vapor/vapor/commit/6c63226a4ab82ce53730eb1afb9ca63866fcf033", + "refsource": "MISC", + "url": "https://github.com/vapor/vapor/commit/6c63226a4ab82ce53730eb1afb9ca63866fcf033" + } + ] + }, + "source": { + "advisory": "GHSA-qvxg-wjxc-r4gg", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31026.json b/2022/31xxx/CVE-2022-31026.json index a7b6f3fb50c..63f930ff73b 100644 --- a/2022/31xxx/CVE-2022-31026.json +++ b/2022/31xxx/CVE-2022-31026.json @@ -1,18 +1,88 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-31026", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Use of Uninitialized Variable in trilogy" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "trilogy", + "version": { + "version_data": [ + { + "version_value": "< 2.1.1" + } + ] + } + } + ] + }, + "vendor_name": "github" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Trilogy is a client library for MySQL. When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory. Users of the trilogy gem should upgrade to version 2.1.1 This issue can be avoided by only connecting to trusted servers." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-908: Use of Uninitialized Resource" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/github/trilogy/security/advisories/GHSA-5g4r-2qhx-vqfm", + "refsource": "CONFIRM", + "url": "https://github.com/github/trilogy/security/advisories/GHSA-5g4r-2qhx-vqfm" + }, + { + "name": "https://github.com/github/trilogy/commit/6bed62789eaf119902b0fe247d2a91d56c31a962", + "refsource": "MISC", + "url": "https://github.com/github/trilogy/commit/6bed62789eaf119902b0fe247d2a91d56c31a962" + } + ] + }, + "source": { + "advisory": "GHSA-5g4r-2qhx-vqfm", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31027.json b/2022/31xxx/CVE-2022-31027.json index 8d820e39e79..17ab2a668e1 100644 --- a/2022/31xxx/CVE-2022-31027.json +++ b/2022/31xxx/CVE-2022-31027.json @@ -1,18 +1,83 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-31027", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Authorization Bypass Through User-Controlled Key when using CILogonOAuthenticator in oauthenticator" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "oauthenticator", + "version": { + "version_data": [ + { + "version_value": "< 15.0.0" + } + ] + } + } + ] + }, + "vendor_name": "jupyterhub" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OAuthenticator is an OAuth token library for the JupyerHub login handler. CILogonOAuthenticator is provided by the OAuthenticator package, and lets users log in to a JupyterHub via CILogon. This is primarily used to restrict a JupyterHub only to users of a given institute. The allowed_idps configuration trait of CILogonOAuthenticator is documented to be a list of domains that indicate the institutions whose users are authorized to access this JupyterHub. This authorization is validated by ensuring that the *email* field provided to us by CILogon has a *domain* that matches one of the domains listed in `allowed_idps`.If `allowed_idps` contains `berkeley.edu`, you might expect only users with valid current credentials provided by University of California, Berkeley to be able to access the JupyterHub. However, CILogonOAuthenticator does *not* verify which provider is used by the user to login, only the email address provided. So a user can login with a GitHub account that has email set to `@berkeley.edu`, and that will be treated exactly the same as someone logging in using the UC Berkeley official Identity Provider. The patch fixing this issue makes a *breaking change* in how `allowed_idps` is interpreted. It's no longer a list of domains, but configuration representing the `EntityID` of the IdPs that are allowed, picked from the [list maintained by CILogon](https://cilogon.org/idplist/). Users are advised to upgrade." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.2, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639: Authorization Bypass Through User-Controlled Key" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/jupyterhub/oauthenticator/security/advisories/GHSA-r7v4-jwx9-wx43", + "refsource": "CONFIRM", + "url": "https://github.com/jupyterhub/oauthenticator/security/advisories/GHSA-r7v4-jwx9-wx43" + } + ] + }, + "source": { + "advisory": "GHSA-r7v4-jwx9-wx43", + "discovery": "UNKNOWN" } } \ No newline at end of file