diff --git a/2019/17xxx/CVE-2019-17359.json b/2019/17xxx/CVE-2019-17359.json index 06875a5cb4c..51d84dbf594 100644 --- a/2019/17xxx/CVE-2019-17359.json +++ b/2019/17xxx/CVE-2019-17359.json @@ -96,6 +96,11 @@ "refsource": "MLIST", "name": "[tomee-commits] 20200322 [jira] [Updated] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability", "url": "https://lists.apache.org/thread.html/r91b07985b1307390a58c5b9707f0b28ef8e9c9e1c86670459f20d601@%3Ccommits.tomee.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomee-commits] 20200323 [jira] [Commented] (TOMEE-2788) TomEE plus is affected by CVE-2019-17359 (BDSA-2019-3168) vulnerability", + "url": "https://lists.apache.org/thread.html/re60f980c092ada4bfe236dcfef8b6ca3e8f3b150fc0f51b8cc13d59d@%3Ccommits.tomee.apache.org%3E" } ] } diff --git a/2020/10xxx/CVE-2020-10592.json b/2020/10xxx/CVE-2020-10592.json index 25b5bd39829..fca5993ef44 100644 --- a/2020/10xxx/CVE-2020-10592.json +++ b/2020/10xxx/CVE-2020-10592.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10592", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10592", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://trac.torproject.org/projects/tor/ticket/33120", + "refsource": "MISC", + "name": "https://trac.torproject.org/projects/tor/ticket/33120" } ] } diff --git a/2020/10xxx/CVE-2020-10593.json b/2020/10xxx/CVE-2020-10593.json index 1ba6f822a7e..f2ae6795f12 100644 --- a/2020/10xxx/CVE-2020-10593.json +++ b/2020/10xxx/CVE-2020-10593.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10593", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10593", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (memory leak), aka TROVE-2020-004. This occurs in circpad_setup_machine_on_circ because a circuit-padding machine can be negotiated twice on the same circuit." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://trac.torproject.org/projects/tor/ticket/33619", + "refsource": "MISC", + "name": "https://trac.torproject.org/projects/tor/ticket/33619" } ] } diff --git a/2020/10xxx/CVE-2020-10660.json b/2020/10xxx/CVE-2020-10660.json index 2cd57d5e43b..afe60fafe6b 100644 --- a/2020/10xxx/CVE-2020-10660.json +++ b/2020/10xxx/CVE-2020-10660.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10660", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10660", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions to. Fixed in 1.3.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.hashicorp.com/blog/category/vault/", + "refsource": "MISC", + "name": "https://www.hashicorp.com/blog/category/vault/" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#134-march-19th-2020", + "url": "https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#134-march-19th-2020" } ] } diff --git a/2020/10xxx/CVE-2020-10661.json b/2020/10xxx/CVE-2020-10661.json index c3997fadcd7..18b1302eca7 100644 --- a/2020/10xxx/CVE-2020-10661.json +++ b/2020/10xxx/CVE-2020-10661.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10661", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10661", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may, under certain circumstances, have existing nested-path policies grant access to Namespaces created after-the-fact. Fixed in 1.3.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.hashicorp.com/blog/category/vault/", + "refsource": "MISC", + "name": "https://www.hashicorp.com/blog/category/vault/" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#134-march-19th-2020", + "url": "https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#134-march-19th-2020" } ] }