admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-04-20 00:02:37 +00:00
parent 1bfc7e9395
commit 7b2bdda70b
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
95 changed files with 538 additions and 352 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2020/36xxx/CVE-2020-36186.json
View File

@ -93,7 +93,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2020/36xxx/CVE-2020-36187.json
View File

@ -93,7 +93,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2020/36xxx/CVE-2020-36188.json
View File

@ -93,7 +93,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2020/36xxx/CVE-2020-36189.json
View File

@ -93,7 +93,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

18
2020/36xxx/CVE-2020-36242.json
View File

@ -57,6 +57,16 @@
"refsource": "MISC",
"name": "https://github.com/pyca/cryptography/issues/5615"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-8e36e7ed1a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/pyca/cryptography/compare/3.3.1...3.3.2",
@ -66,14 +76,6 @@
"refsource": "CONFIRM",
"name": "https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst",
"url": "https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-8e36e7ed1a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2020/36xxx/CVE-2020-36518.json
View File

@ -58,7 +58,9 @@
"name": "https://github.com/FasterXML/jackson-databind/issues/2816"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

8
2020/5xxx/CVE-2020-5245.json
View File

@ -72,6 +72,11 @@
},
"references": {
"reference_data": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf",
"refsource": "CONFIRM",
@ -106,9 +111,6 @@
"name": "https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm",
"refsource": "MISC",
"url": "https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2020/5xxx/CVE-2020-5413.json
View File

@ -95,7 +95,9 @@
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2020/5xxx/CVE-2020-5421.json
View File

@ -190,7 +190,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2020/6xxx/CVE-2020-6950.json
View File

@ -70,7 +70,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2020/7xxx/CVE-2020-7226.json
View File

@ -122,6 +122,11 @@
"name": "https://github.com/vt-middleware/cryptacular/blob/fafccd07ab1214e3588a35afe3c361519129605f/src/main/java/org/cryptacular/CiphertextHeader.java#L153",
"url": "https://github.com/vt-middleware/cryptacular/blob/fafccd07ab1214e3588a35afe3c361519129605f/src/main/java/org/cryptacular/CiphertextHeader.java#L153"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "MISC",
"name": "https://github.com/apereo/cas/pull/4685",
@ -141,9 +146,6 @@
"refsource": "MISC",
"name": "https://github.com/apereo/cas/commit/a042808d6adbbf44753d52c55cac5f533e24101f",
"url": "https://github.com/apereo/cas/commit/a042808d6adbbf44753d52c55cac5f533e24101f"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2020/7xxx/CVE-2020-7595.json
View File

@ -118,7 +118,9 @@
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2020/7xxx/CVE-2020-7760.json
View File

@ -121,7 +121,9 @@
"name": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2020/8xxx/CVE-2020-8172.json
View File

@ -85,7 +85,9 @@
"name": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2020/8xxx/CVE-2020-8174.json
View File

@ -75,7 +75,9 @@
"name": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2020/8xxx/CVE-2020-8203.json
View File

@ -80,7 +80,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2020/8xxx/CVE-2020-8231.json
View File

@ -74,13 +74,15 @@
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2020/8xxx/CVE-2020-8277.json
View File

@ -105,7 +105,9 @@
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2020/8xxx/CVE-2020-8284.json
View File

@ -114,13 +114,15 @@
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2020/8xxx/CVE-2020-8285.json
View File

@ -134,13 +134,15 @@
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2020/8xxx/CVE-2020-8286.json
View File

@ -129,13 +129,15 @@
"refsource": "MISC",
"name": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2020/8xxx/CVE-2020-8554.json
View File

@ -122,7 +122,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2020/8xxx/CVE-2020-8908.json
View File

@ -282,13 +282,15 @@
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220210-0003/",
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2020/9xxx/CVE-2020-9488.json
View File

@ -292,7 +292,9 @@
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/20xxx/CVE-2021-20289.json
View File

@ -50,7 +50,9 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935927"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/21xxx/CVE-2021-21275.json
View File

@ -85,7 +85,9 @@
"name": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2021/21xxx/CVE-2021-21290.json
View File

@ -262,13 +262,15 @@
"name": "[pulsar-commits] 20211020 [GitHub] [pulsar] Shoothzj opened a new pull request #12437: [Security] Bump grpc to 1.41.0",
"url": "https://lists.apache.org/thread.html/r584cf871f188c406d8bd447ff4e2fd9817fca862436c064d0951a071@%3Ccommits.pulsar.apache.org%3E"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220210-0011/",
"url": "https://security.netapp.com/advisory/ntap-20220210-0011/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

200
2021/21xxx/CVE-2021-21295.json
View File

@ -94,26 +94,6 @@
"name": "[ranger-dev] 20210317 [jira] [Assigned] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295",
"url": "https://lists.apache.org/thread.html/r7bb3cdc192e9a6f863d3ea05422f09fa1ae2b88d4663e63696ee7ef5@%3Cdev.ranger.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[pulsar-commits] 20210329 [GitHub] [pulsar] yaswanthnadella opened a new issue #10071: CVE-2021-21295 & CVE-2021-21290",
@ -199,11 +179,6 @@
"name": "[zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295",
"url": "https://lists.apache.org/thread.html/rbadcbcb50195f00bbd196403865ced521ca70787999583c07be38d0e@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20210331 [GitHub] [zookeeper] eolivelli commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295",
@ -239,11 +214,6 @@
"name": "[zookeeper-commits] 20210331 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295",
"url": "https://lists.apache.org/thread.html/r22adb45fe902aeafcd0a1c4db13984224a667676c323c66db3af38a1@%3Ccommits.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de@%3Cnotifications.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-commits] 20210331 [zookeeper] branch master updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295",
@ -259,11 +229,6 @@
"name": "[zookeeper-issues] 20210331 [jira] [Resolved] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295",
"url": "https://lists.apache.org/thread.html/re6207ebe2ca4d44f2a6deee695ad6f27fd29d78980f1d46ed1574f91@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20210401 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295",
@ -284,16 +249,6 @@
"name": "[kafka-jira] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295",
"url": "https://lists.apache.org/thread.html/rc165e36ca7cb5417aec3f21bbc4ec00fb38ecebdd96a82cfab9bd56f@%3Cjira.kafka.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20210402 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295",
@ -384,80 +339,30 @@
"name": "[flink-issues] 20210426 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx",
"url": "https://lists.apache.org/thread.html/re7c69756a102bebce8b8681882844a53e2f23975a189363e68ad0324@%3Cissues.flink.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[flink-issues] 20210511 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx",
"url": "https://lists.apache.org/thread.html/r855b4b6814ac829ce2d48dd9d8138d07f33387e710de798ee92c011e@%3Cissues.flink.apache.org%3E"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210604-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210604-0003/"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[flink-issues] 20210610 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx",
"url": "https://lists.apache.org/thread.html/r0b09f3e31e004fe583f677f7afa46bd30110904576c13c5ac818ac2c@%3Cissues.flink.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[flink-issues] 20210618 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx",
"url": "https://lists.apache.org/thread.html/r602e98daacc98934f097f07f2eed6eb07c18bfc1949c8489dc7bfcf5@%3Cissues.flink.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[jackrabbit-dev] 20210709 [GitHub] [jackrabbit-oak] blackat opened a new pull request #321: Update netty to resolve CVE-2021-21295 and BDSA-2018-4022",
"url": "https://lists.apache.org/thread.html/r3c4596b9b37f5ae91628ccf169d33cd5a0da4b16b6c39d5bad8e03f3@%3Cdev.jackrabbit.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf@%3Ccommits.servicecomb.apache.org%3E"
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210604-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210604-0003/"
},
{
"refsource": "MLIST",
@ -520,7 +425,104 @@
"url": "https://lists.apache.org/thread.html/r584cf871f188c406d8bd447ff4e2fd9817fca862436c064d0951a071@%3Ccommits.pulsar.apache.org%3E"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de@%3Cnotifications.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf@%3Ccommits.servicecomb.apache.org%3E"
}
]
},

4
2021/21xxx/CVE-2021-21409.json
View File

@ -360,7 +360,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/21xxx/CVE-2021-21703.json
View File

@ -156,7 +156,9 @@
"url": "https://security.netapp.com/advisory/ntap-20211118-0003/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/22xxx/CVE-2021-22060.json
View File

@ -50,7 +50,9 @@
"url": "https://tanzu.vmware.com/security/cve-2021-22060"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2021/22xxx/CVE-2021-22096.json
View File

@ -49,13 +49,15 @@
"name": "https://tanzu.vmware.com/security/cve-2021-22096",
"url": "https://tanzu.vmware.com/security/cve-2021-22096"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211125-0005/",
"url": "https://security.netapp.com/advisory/ntap-20211125-0005/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/22xxx/CVE-2021-22118.json
View File

@ -70,7 +70,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2021/22xxx/CVE-2021-22132.json
View File

@ -49,13 +49,15 @@
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210219-0004/",
"url": "https://security.netapp.com/advisory/ntap-20210219-0004/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2021/22xxx/CVE-2021-22134.json
View File

@ -49,13 +49,15 @@
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elastic-stack-7-11-0-security-update/265835"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210430-0006/",
"url": "https://security.netapp.com/advisory/ntap-20210430-0006/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2021/22xxx/CVE-2021-22144.json
View File

@ -44,6 +44,11 @@
},
"references": {
"reference_data": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100",
@ -53,9 +58,6 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210827-0006/",
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

18
2021/22xxx/CVE-2021-22145.json
View File

@ -44,6 +44,16 @@
},
"references": {
"reference_data": [
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210827-0006/",
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
},
{
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177",
@ -53,14 +63,6 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html",
"url": "http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210827-0006/",
"url": "https://security.netapp.com/advisory/ntap-20210827-0006/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/22xxx/CVE-2021-22569.json
View File

@ -148,7 +148,9 @@
"url": "http://www.openwall.com/lists/oss-security/2022/01/12/7"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/22xxx/CVE-2021-22570.json
View File

@ -114,7 +114,9 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/22xxx/CVE-2021-22696.json
View File

@ -111,7 +111,9 @@
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2021/22xxx/CVE-2021-22897.json
View File

@ -74,13 +74,15 @@
"name": "https://security.netapp.com/advisory/ntap-20210727-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210727-0007/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2021/22xxx/CVE-2021-22898.json
View File

@ -94,13 +94,15 @@
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2021/22xxx/CVE-2021-22901.json
View File

@ -79,13 +79,15 @@
"name": "https://security.netapp.com/advisory/ntap-20210727-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210727-0007/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

18
2021/22xxx/CVE-2021-22946.json
View File

@ -84,6 +84,16 @@
"name": "https://security.netapp.com/advisory/ntap-20220121-0008/",
"url": "https://security.netapp.com/advisory/ntap-20220121-0008/"
},
{
"refsource": "FULLDISC",
"name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"url": "http://seclists.org/fulldisclosure/2022/Mar/29"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
@ -93,14 +103,6 @@
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT213183",
"url": "https://support.apple.com/kb/HT213183"
},
{
"refsource": "FULLDISC",
"name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"url": "http://seclists.org/fulldisclosure/2022/Mar/29"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

18
2021/22xxx/CVE-2021-22947.json
View File

@ -79,6 +79,16 @@
"name": "https://security.netapp.com/advisory/ntap-20211029-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211029-0003/"
},
{
"refsource": "FULLDISC",
"name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"url": "http://seclists.org/fulldisclosure/2022/Mar/29"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
@ -88,14 +98,6 @@
"refsource": "CONFIRM",
"name": "https://support.apple.com/kb/HT213183",
"url": "https://support.apple.com/kb/HT213183"
},
{
"refsource": "FULLDISC",
"name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"url": "http://seclists.org/fulldisclosure/2022/Mar/29"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/23xxx/CVE-2021-23017.json
View File

@ -105,7 +105,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/23xxx/CVE-2021-23450.json
View File

@ -78,7 +78,9 @@
"name": "https://github.com/dojo/dojo/blob/4c39c14349408fc8274e19b399ffc660512ed07c/_base/lang.js%23L172"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/23xxx/CVE-2021-23463.json
View File

@ -72,7 +72,9 @@
"name": "https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/23xxx/CVE-2021-23839.json
View File

@ -103,7 +103,9 @@
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

8
2021/23xxx/CVE-2021-23840.json
View File

@ -155,13 +155,15 @@
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/23xxx/CVE-2021-23841.json
View File

@ -166,7 +166,9 @@
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

10
2021/25xxx/CVE-2021-25219.json
View File

@ -130,9 +130,9 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EF4NAVRV4H3W4GA3LGGZYUKD3HSJBAVW/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211118-0002/",
"url": "https://security.netapp.com/advisory/ntap-20211118-0002/"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
@ -140,7 +140,9 @@
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211118-0002/",
"url": "https://security.netapp.com/advisory/ntap-20211118-0002/"
}
]
},

34
2021/26xxx/CVE-2021-26291.json
View File

@ -154,26 +154,11 @@
"name": "[kafka-commits] 20210521 [kafka] branch 2.7 updated: KAFKA-12820: Upgrade maven-artifact dependency to resolve CVE-2021-26291",
"url": "https://lists.apache.org/thread.html/r86aebd0387ae19b740b3eb28bad83fe6aceca0d6257eaa810a6e0002@%3Ccommits.kafka.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5@%3Cdev.kafka.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5@%3Cdev.kafka.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac@%3Cdev.kafka.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac@%3Cdev.kafka.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[kafka-users] 20210617 vulnerabilities",
"url": "https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291/",
"url": "https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291/"
},
{
"refsource": "MLIST",
"name": "[karaf-issues] 20210718 [jira] [Created] (KARAF-7224) Impact of CVE-2021-26291 on Karaf",
@ -275,7 +260,24 @@
"url": "https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c@%3Cissues.karaf.apache.org%3E"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5@%3Cdev.kafka.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5@%3Cdev.kafka.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac@%3Cdev.kafka.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac@%3Cdev.kafka.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291/",
"url": "https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291/"
}
]
},

4
2021/27xxx/CVE-2021-27568.json
View File

@ -88,7 +88,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/27xxx/CVE-2021-27807.json
View File

@ -171,7 +171,9 @@
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/27xxx/CVE-2021-27906.json
View File

@ -171,7 +171,9 @@
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/28xxx/CVE-2021-28163.json
View File

@ -206,7 +206,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/28xxx/CVE-2021-28164.json
View File

@ -193,7 +193,9 @@
"url": "http://packetstormsecurity.com/files/164590/Jetty-9.4.37.v20210219-Information-Disclosure.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/28xxx/CVE-2021-28165.json
View File

@ -619,7 +619,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/28xxx/CVE-2021-28168.json
View File

@ -171,7 +171,9 @@
"url": "https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/28xxx/CVE-2021-28169.json
View File

@ -184,7 +184,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/28xxx/CVE-2021-28170.json
View File

@ -68,7 +68,9 @@
"url": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/28xxx/CVE-2021-28657.json
View File

@ -86,7 +86,9 @@
"url": "https://security.netapp.com/advisory/ntap-20210507-0004/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2021/29xxx/CVE-2021-29425.json
View File

@ -298,13 +298,15 @@
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220210-0004/",
"url": "https://security.netapp.com/advisory/ntap-20220210-0004/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/29xxx/CVE-2021-29505.json
View File

@ -133,7 +133,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/29xxx/CVE-2021-29921.json
View File

@ -118,7 +118,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/30xxx/CVE-2021-30129.json
View File

@ -87,7 +87,9 @@
"url": "http://www.openwall.com/lists/oss-security/2021/07/12/1"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/30xxx/CVE-2021-30468.json
View File

@ -134,7 +134,9 @@
"url": "https://security.netapp.com/advisory/ntap-20210917-0002/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

18
2021/31xxx/CVE-2021-31799.json
View File

@ -52,6 +52,16 @@
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "MISC",
"name": "https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc/",
@ -66,14 +76,6 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210902-0004/",
"url": "https://security.netapp.com/advisory/ntap-20210902-0004/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

24
2021/31xxx/CVE-2021-31810.json
View File

@ -57,28 +57,30 @@
"refsource": "MISC",
"name": "https://hackerone.com/reports/1145454"
},
{
"refsource": "MISC",
"name": "https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/",
"url": "https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-36cdab1f8d",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWXHK5UUHVSHF7HTHMX6JY3WXDVNIHSL/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210917-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210917-0001/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "MISC",
"name": "https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/",
"url": "https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210917-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210917-0001/"
}
]
}

4
2021/31xxx/CVE-2021-31811.json
View File

@ -145,7 +145,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/31xxx/CVE-2021-31812.json
View File

@ -140,7 +140,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

28
2021/32xxx/CVE-2021-32066.json
View File

@ -57,6 +57,21 @@
"refsource": "MISC",
"name": "https://hackerone.com/reports/1178562"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210902-0004/",
"url": "https://security.netapp.com/advisory/ntap-20210902-0004/"
},
{
"refsource": "CONFIRM",
"name": "https://www.ruby-lang.org/en/news/2021/07/07/starttls-stripping-in-net-imap/",
@ -66,19 +81,6 @@
"refsource": "CONFIRM",
"name": "https://github.com/ruby/ruby/commit/a21a3b7d23704a01d34bd79d09dc37897e00922a",
"url": "https://github.com/ruby/ruby/commit/a21a3b7d23704a01d34bd79d09dc37897e00922a"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210902-0004/",
"url": "https://security.netapp.com/advisory/ntap-20210902-0004/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

14
2021/32xxx/CVE-2021-32626.json
View File

@ -113,18 +113,20 @@
"name": "FEDORA-2021-aa94492a09",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5001",
"url": "https://www.debian.org/security/2021/dsa-5001"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
}
]
},

14
2021/32xxx/CVE-2021-32627.json
View File

@ -108,18 +108,20 @@
"name": "FEDORA-2021-aa94492a09",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5001",
"url": "https://www.debian.org/security/2021/dsa-5001"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
}
]
},

14
2021/32xxx/CVE-2021-32628.json
View File

@ -108,18 +108,20 @@
"name": "FEDORA-2021-aa94492a09",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5001",
"url": "https://www.debian.org/security/2021/dsa-5001"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
}
]
},

16
2021/32xxx/CVE-2021-32672.json
View File

@ -41,7 +41,7 @@
"description_data": [
{
"lang": "eng",
"value": "Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger\u2019s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14."
"value": "Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger\u2019s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14."
}
]
},
@ -100,18 +100,20 @@
"name": "FEDORA-2021-aa94492a09",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5001",
"url": "https://www.debian.org/security/2021/dsa-5001"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
}
]
},

14
2021/32xxx/CVE-2021-32675.json
View File

@ -105,18 +105,20 @@
"name": "FEDORA-2021-aa94492a09",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5001",
"url": "https://www.debian.org/security/2021/dsa-5001"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
}
]
},

14
2021/32xxx/CVE-2021-32687.json
View File

@ -108,18 +108,20 @@
"name": "FEDORA-2021-aa94492a09",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5001",
"url": "https://www.debian.org/security/2021/dsa-5001"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
}
]
},

14
2021/32xxx/CVE-2021-32762.json
View File

@ -108,18 +108,20 @@
"name": "FEDORA-2021-aa94492a09",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
},
{
"refsource": "DEBIAN",
"name": "DSA-5001",
"url": "https://www.debian.org/security/2021/dsa-5001"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0003/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0003/"
}
]
},

8
2021/32xxx/CVE-2021-32785.json
View File

@ -84,13 +84,15 @@
"refsource": "MISC",
"url": "https://github.com/zmartzone/mod_auth_openidc/releases/tag/v2.4.9"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210902-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210902-0001/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

8
2021/32xxx/CVE-2021-32786.json
View File

@ -99,13 +99,15 @@
"name": "FEDORA-2021-17f5cedf66",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXAWKPT5LXZSUTFSJ6IWSZC7RMYYQXQD/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210902-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210902-0001/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/32xxx/CVE-2021-32791.json
View File

@ -103,7 +103,9 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXAWKPT5LXZSUTFSJ6IWSZC7RMYYQXQD/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/32xxx/CVE-2021-32792.json
View File

@ -100,7 +100,9 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXAWKPT5LXZSUTFSJ6IWSZC7RMYYQXQD/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/33xxx/CVE-2021-33037.json
View File

@ -148,7 +148,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/33xxx/CVE-2021-33193.json
View File

@ -119,7 +119,9 @@
"url": "https://www.tenable.com/security/tns-2021-17"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/33xxx/CVE-2021-33560.json
View File

@ -98,7 +98,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

14
2021/33xxx/CVE-2021-33813.json
View File

@ -62,11 +62,6 @@
"refsource": "MISC",
"name": "https://github.com/hunterhacker/jdom/releases"
},
{
"refsource": "MISC",
"name": "https://alephsecurity.com/vulns/aleph-2021003",
"url": "https://alephsecurity.com/vulns/aleph-2021003"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210629 [SECURITY] [DLA 2696-1] libjdom2-java security update",
@ -128,7 +123,14 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWFVYTHGILOQXUA7U3SPOERQXL7OPSZG/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "MISC",
"name": "https://alephsecurity.com/vulns/aleph-2021003",
"url": "https://alephsecurity.com/vulns/aleph-2021003"
}
]
}

4
2021/33xxx/CVE-2021-33880.json
View File

@ -63,7 +63,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/34xxx/CVE-2021-34428.json
View File

@ -136,7 +136,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/34xxx/CVE-2021-34429.json
View File

@ -269,7 +269,9 @@
"url": "https://security.netapp.com/advisory/ntap-20210819-0006/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

4
2021/34xxx/CVE-2021-34798.json
View File

@ -140,7 +140,9 @@
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10379"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},

4
2021/35xxx/CVE-2021-35043.json
View File

@ -73,7 +73,9 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}

12
2022/24xxx/CVE-2022-24826.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting the attacker to execute arbitrary code. This does not affect Unix systems.\n\nSimilarly, if the malicious repository contains files named `..exe` and `cygpath.exe`, and `cygpath.exe` is not found in `PATH`, the `..exe` program will be executed when certain Git LFS commands are run.\n\nMore generally, if the current working directory contains any file with a base name of `.` and a file extension from `PATHEXT` (except `.bat` and `.cmd`), and also contains another file with the same base name as a program Git LFS intends to execute (such as `git`, `cygpath`, or `uname`) and any file extension from `PATHEXT` (including `.bat` and `.cmd`), then, on Windows, when Git LFS attempts to execute the intended program the `..exe`, `..com`, etc., file will be executed instead, but only if the intended program is not found in any directory listed in `PATH`.\n\nThe vulnerability occurs because when Git LFS detects that the program it intends to run does not exist in any directory listed in `PATH` then Git LFS passes an empty string as the executable file path to the Go `os/exec` package, which contains a bug such that, on Windows, it prepends the name of the current working directory (i.e., `.`) to the empty string without adding a path separator, and as a result searches in that directory for a file with the base name `.` combined with any file extension from `PATHEXT`, executing the first one it finds.\n\n(The reason `..bat` and `..cmd` files are not executed in the same manner is that, although the Go `os/exec` package tries to execute them just as it does a `..exe` file, the Microsoft Win32 API `CreateProcess()` family of functions have an undocumented feature in that they apparently recognize when a caller is attempting to execute a batch script file and instead run the `cmd.exe` command interpreter, passing the full set of command line arguments as parameters. These are unchanged from the command line arguments set by Git LFS, and as such, the intended program's name is the first, resulting in a command line like `cmd.exe /c git`, which then fails.)\n\nGit LFS has resolved this vulnerability by always reporting an error when a program is not found in any directory listed in `PATH` rather than passing an empty string to the Go `os/exec` package in this case.\n\nThe bug in the Go `os/exec` package has been reported to the Go project and is expected to be patched after this security advisory is published.\n\nThe problem was introduced in version 2.12.1 and is patched in version 3.1.3. Users of affected versions should upgrade to version 3.1.3. There are currently no known workarounds at this time."
"value": "On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting the attacker to execute arbitrary code. This does not affect Unix systems. Similarly, if the malicious repository contains files named `..exe` and `cygpath.exe`, and `cygpath.exe` is not found in `PATH`, the `..exe` program will be executed when certain Git LFS commands are run. More generally, if the current working directory contains any file with a base name of `.` and a file extension from `PATHEXT` (except `.bat` and `.cmd`), and also contains another file with the same base name as a program Git LFS intends to execute (such as `git`, `cygpath`, or `uname`) and any file extension from `PATHEXT` (including `.bat` and `.cmd`), then, on Windows, when Git LFS attempts to execute the intended program the `..exe`, `..com`, etc., file will be executed instead, but only if the intended program is not found in any directory listed in `PATH`. The vulnerability occurs because when Git LFS detects that the program it intends to run does not exist in any directory listed in `PATH` then Git LFS passes an empty string as the executable file path to the Go `os/exec` package, which contains a bug such that, on Windows, it prepends the name of the current working directory (i.e., `.`) to the empty string without adding a path separator, and as a result searches in that directory for a file with the base name `.` combined with any file extension from `PATHEXT`, executing the first one it finds. (The reason `..bat` and `..cmd` files are not executed in the same manner is that, although the Go `os/exec` package tries to execute them just as it does a `..exe` file, the Microsoft Win32 API `CreateProcess()` family of functions have an undocumented feature in that they apparently recognize when a caller is attempting to execute a batch script file and instead run the `cmd.exe` command interpreter, passing the full set of command line arguments as parameters. These are unchanged from the command line arguments set by Git LFS, and as such, the intended program's name is the first, resulting in a command line like `cmd.exe /c git`, which then fails.) Git LFS has resolved this vulnerability by always reporting an error when a program is not found in any directory listed in `PATH` rather than passing an empty string to the Go `os/exec` package in this case. The bug in the Go `os/exec` package has been reported to the Go project and is expected to be patched after this security advisory is published. The problem was introduced in version 2.12.1 and is patched in version 3.1.3. Users of affected versions should upgrade to version 3.1.3. There are currently no known workarounds at this time."
}
]
},
@ -69,15 +69,15 @@
},
"references": {
"reference_data": [
{
"name": "https://github.com/git-lfs/git-lfs/security/advisories/GHSA-6rw3-3whw-jvjj",
"refsource": "CONFIRM",
"url": "https://github.com/git-lfs/git-lfs/security/advisories/GHSA-6rw3-3whw-jvjj"
},
{
"name": "https://github.com/git-lfs/git-lfs/releases",
"refsource": "MISC",
"url": "https://github.com/git-lfs/git-lfs/releases"
},
{
"name": "https://github.com/git-lfs/git-lfs/security/advisories/GHSA-6rw3-3whw-jvjj",
"refsource": "CONFIRM",
"url": "https://github.com/git-lfs/git-lfs/security/advisories/GHSA-6rw3-3whw-jvjj"
}
]
},

2
2022/24xxx/CVE-2022-24860.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability. An attacker can use hard coding to generate login credentials of any user and log in to the service background located at different IP addresses. \n\n"
"value": "Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability. An attacker can use hard coding to generate login credentials of any user and log in to the service background located at different IP addresses."
}
]
},