diff --git a/2020/36xxx/CVE-2020-36186.json b/2020/36xxx/CVE-2020-36186.json index f1e90835736..9fd1178eea5 100644 --- a/2020/36xxx/CVE-2020-36186.json +++ b/2020/36xxx/CVE-2020-36186.json @@ -93,7 +93,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2020/36xxx/CVE-2020-36187.json b/2020/36xxx/CVE-2020-36187.json index 3950229549d..0b45b261eda 100644 --- a/2020/36xxx/CVE-2020-36187.json +++ b/2020/36xxx/CVE-2020-36187.json @@ -93,7 +93,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2020/36xxx/CVE-2020-36188.json b/2020/36xxx/CVE-2020-36188.json index 29ce5b6dafa..ec544b396b3 100644 --- a/2020/36xxx/CVE-2020-36188.json +++ b/2020/36xxx/CVE-2020-36188.json @@ -93,7 +93,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2020/36xxx/CVE-2020-36189.json b/2020/36xxx/CVE-2020-36189.json index d2ac1e6980e..89a21c6653f 100644 --- a/2020/36xxx/CVE-2020-36189.json +++ b/2020/36xxx/CVE-2020-36189.json @@ -93,7 +93,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2020/36xxx/CVE-2020-36242.json b/2020/36xxx/CVE-2020-36242.json index 1dfbb3c53cc..41a630b71ce 100644 --- a/2020/36xxx/CVE-2020-36242.json +++ b/2020/36xxx/CVE-2020-36242.json @@ -57,6 +57,16 @@ "refsource": "MISC", "name": "https://github.com/pyca/cryptography/issues/5615" }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-8e36e7ed1a", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E/" + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://github.com/pyca/cryptography/compare/3.3.1...3.3.2", @@ -66,14 +76,6 @@ "refsource": "CONFIRM", "name": "https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst", "url": "https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst" - }, - { - "refsource": "FEDORA", - "name": "FEDORA-2021-8e36e7ed1a", - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2020/36xxx/CVE-2020-36518.json b/2020/36xxx/CVE-2020-36518.json index 60f67687c15..1ba0d49848d 100644 --- a/2020/36xxx/CVE-2020-36518.json +++ b/2020/36xxx/CVE-2020-36518.json @@ -58,7 +58,9 @@ "name": "https://github.com/FasterXML/jackson-databind/issues/2816" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2020/5xxx/CVE-2020-5245.json b/2020/5xxx/CVE-2020-5245.json index c9002d872d8..f164e778fbd 100644 --- a/2020/5xxx/CVE-2020-5245.json +++ b/2020/5xxx/CVE-2020-5245.json @@ -72,6 +72,11 @@ }, "references": { "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "name": "https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf", "refsource": "CONFIRM", @@ -106,9 +111,6 @@ "name": "https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm", "refsource": "MISC", "url": "https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/5xxx/CVE-2020-5413.json b/2020/5xxx/CVE-2020-5413.json index 8023756c05c..858515397c0 100644 --- a/2020/5xxx/CVE-2020-5413.json +++ b/2020/5xxx/CVE-2020-5413.json @@ -95,7 +95,9 @@ "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/5xxx/CVE-2020-5421.json b/2020/5xxx/CVE-2020-5421.json index 267295ec8dc..07fbc54cf89 100644 --- a/2020/5xxx/CVE-2020-5421.json +++ b/2020/5xxx/CVE-2020-5421.json @@ -190,7 +190,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6950.json b/2020/6xxx/CVE-2020-6950.json index 154b3976c87..67f6ebab070 100644 --- a/2020/6xxx/CVE-2020-6950.json +++ b/2020/6xxx/CVE-2020-6950.json @@ -70,7 +70,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/7xxx/CVE-2020-7226.json b/2020/7xxx/CVE-2020-7226.json index 4f69df298ed..ebc865dbc3a 100644 --- a/2020/7xxx/CVE-2020-7226.json +++ b/2020/7xxx/CVE-2020-7226.json @@ -122,6 +122,11 @@ "name": "https://github.com/vt-middleware/cryptacular/blob/fafccd07ab1214e3588a35afe3c361519129605f/src/main/java/org/cryptacular/CiphertextHeader.java#L153", "url": "https://github.com/vt-middleware/cryptacular/blob/fafccd07ab1214e3588a35afe3c361519129605f/src/main/java/org/cryptacular/CiphertextHeader.java#L153" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "MISC", "name": "https://github.com/apereo/cas/pull/4685", @@ -141,9 +146,6 @@ "refsource": "MISC", "name": "https://github.com/apereo/cas/commit/a042808d6adbbf44753d52c55cac5f533e24101f", "url": "https://github.com/apereo/cas/commit/a042808d6adbbf44753d52c55cac5f533e24101f" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2020/7xxx/CVE-2020-7595.json b/2020/7xxx/CVE-2020-7595.json index 7958de33024..9a25127c4b4 100644 --- a/2020/7xxx/CVE-2020-7595.json +++ b/2020/7xxx/CVE-2020-7595.json @@ -118,7 +118,9 @@ "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2020/7xxx/CVE-2020-7760.json b/2020/7xxx/CVE-2020-7760.json index 1777588564a..89cda0dc818 100644 --- a/2020/7xxx/CVE-2020-7760.json +++ b/2020/7xxx/CVE-2020-7760.json @@ -121,7 +121,9 @@ "name": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8172.json b/2020/8xxx/CVE-2020-8172.json index bc4e43afa3c..c29bb189e30 100644 --- a/2020/8xxx/CVE-2020-8172.json +++ b/2020/8xxx/CVE-2020-8172.json @@ -85,7 +85,9 @@ "name": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8174.json b/2020/8xxx/CVE-2020-8174.json index dcce5612e04..26870cd5ed4 100644 --- a/2020/8xxx/CVE-2020-8174.json +++ b/2020/8xxx/CVE-2020-8174.json @@ -75,7 +75,9 @@ "name": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8203.json b/2020/8xxx/CVE-2020-8203.json index edc4478e0f3..fa3d250e114 100644 --- a/2020/8xxx/CVE-2020-8203.json +++ b/2020/8xxx/CVE-2020-8203.json @@ -80,7 +80,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8231.json b/2020/8xxx/CVE-2020-8231.json index 9878b5b8e64..e91e874b42d 100644 --- a/2020/8xxx/CVE-2020-8231.json +++ b/2020/8xxx/CVE-2020-8231.json @@ -74,13 +74,15 @@ "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8277.json b/2020/8xxx/CVE-2020-8277.json index 7efdfe97448..82add70becb 100644 --- a/2020/8xxx/CVE-2020-8277.json +++ b/2020/8xxx/CVE-2020-8277.json @@ -105,7 +105,9 @@ "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8284.json b/2020/8xxx/CVE-2020-8284.json index e7335c7b6b6..7ffd86ba036 100644 --- a/2020/8xxx/CVE-2020-8284.json +++ b/2020/8xxx/CVE-2020-8284.json @@ -114,13 +114,15 @@ "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8285.json b/2020/8xxx/CVE-2020-8285.json index 444dd85b655..7c5d516839f 100644 --- a/2020/8xxx/CVE-2020-8285.json +++ b/2020/8xxx/CVE-2020-8285.json @@ -134,13 +134,15 @@ "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8286.json b/2020/8xxx/CVE-2020-8286.json index 1adcc22d98d..cecbd04ab24 100644 --- a/2020/8xxx/CVE-2020-8286.json +++ b/2020/8xxx/CVE-2020-8286.json @@ -129,13 +129,15 @@ "refsource": "MISC", "name": "https://www.oracle.com//security-alerts/cpujul2021.html" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8554.json b/2020/8xxx/CVE-2020-8554.json index d199f082079..009931deee0 100644 --- a/2020/8xxx/CVE-2020-8554.json +++ b/2020/8xxx/CVE-2020-8554.json @@ -122,7 +122,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8908.json b/2020/8xxx/CVE-2020-8908.json index cf76860d059..4f00ccb5456 100644 --- a/2020/8xxx/CVE-2020-8908.json +++ b/2020/8xxx/CVE-2020-8908.json @@ -282,13 +282,15 @@ "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20220210-0003/", "url": "https://security.netapp.com/advisory/ntap-20220210-0003/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2020/9xxx/CVE-2020-9488.json b/2020/9xxx/CVE-2020-9488.json index 4cab1ab79d5..e1f6ec1331d 100644 --- a/2020/9xxx/CVE-2020-9488.json +++ b/2020/9xxx/CVE-2020-9488.json @@ -292,7 +292,9 @@ "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00017.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/20xxx/CVE-2021-20289.json b/2021/20xxx/CVE-2021-20289.json index e4e4f727cac..8e2b6deeea3 100644 --- a/2021/20xxx/CVE-2021-20289.json +++ b/2021/20xxx/CVE-2021-20289.json @@ -50,7 +50,9 @@ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935927" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/21xxx/CVE-2021-21275.json b/2021/21xxx/CVE-2021-21275.json index 76c3257255f..94b3c12a266 100644 --- a/2021/21xxx/CVE-2021-21275.json +++ b/2021/21xxx/CVE-2021-21275.json @@ -85,7 +85,9 @@ "name": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/21xxx/CVE-2021-21290.json b/2021/21xxx/CVE-2021-21290.json index 998f71c1226..2df17932e25 100644 --- a/2021/21xxx/CVE-2021-21290.json +++ b/2021/21xxx/CVE-2021-21290.json @@ -262,13 +262,15 @@ "name": "[pulsar-commits] 20211020 [GitHub] [pulsar] Shoothzj opened a new pull request #12437: [Security] Bump grpc to 1.41.0", "url": "https://lists.apache.org/thread.html/r584cf871f188c406d8bd447ff4e2fd9817fca862436c064d0951a071@%3Ccommits.pulsar.apache.org%3E" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20220210-0011/", "url": "https://security.netapp.com/advisory/ntap-20220210-0011/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/21xxx/CVE-2021-21295.json b/2021/21xxx/CVE-2021-21295.json index 9389ff1d05b..b8e7ac78472 100644 --- a/2021/21xxx/CVE-2021-21295.json +++ b/2021/21xxx/CVE-2021-21295.json @@ -94,26 +94,6 @@ "name": "[ranger-dev] 20210317 [jira] [Assigned] (RANGER-3209) Upgrade netty to 4.1.60+ due to CVE-2021-21290 and CVE-2021-21295", "url": "https://lists.apache.org/thread.html/r7bb3cdc192e9a6f863d3ea05422f09fa1ae2b88d4663e63696ee7ef5@%3Cdev.ranger.apache.org%3E" }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2@%3Ccommits.servicecomb.apache.org%3E" - }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882@%3Ccommits.servicecomb.apache.org%3E" - }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925@%3Ccommits.servicecomb.apache.org%3E" - }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef@%3Ccommits.servicecomb.apache.org%3E" - }, { "refsource": "MLIST", "name": "[pulsar-commits] 20210329 [GitHub] [pulsar] yaswanthnadella opened a new issue #10071: CVE-2021-21295 & CVE-2021-21290", @@ -199,11 +179,6 @@ "name": "[zookeeper-notifications] 20210331 [GitHub] [zookeeper] arshadmohammad commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295", "url": "https://lists.apache.org/thread.html/rbadcbcb50195f00bbd196403865ced521ca70787999583c07be38d0e@%3Cnotifications.zookeeper.apache.org%3E" }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c@%3Ccommits.servicecomb.apache.org%3E" - }, { "refsource": "MLIST", "name": "[zookeeper-notifications] 20210331 [GitHub] [zookeeper] eolivelli commented on pull request #1669: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295", @@ -239,11 +214,6 @@ "name": "[zookeeper-commits] 20210331 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295", "url": "https://lists.apache.org/thread.html/r22adb45fe902aeafcd0a1c4db13984224a667676c323c66db3af38a1@%3Ccommits.zookeeper.apache.org%3E" }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de@%3Cnotifications.zookeeper.apache.org%3E", - "url": "https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de@%3Cnotifications.zookeeper.apache.org%3E" - }, { "refsource": "MLIST", "name": "[zookeeper-commits] 20210331 [zookeeper] branch master updated: ZOOKEEPER-4272: Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295", @@ -259,11 +229,6 @@ "name": "[zookeeper-issues] 20210331 [jira] [Resolved] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295", "url": "https://lists.apache.org/thread.html/re6207ebe2ca4d44f2a6deee695ad6f27fd29d78980f1d46ed1574f91@%3Cissues.zookeeper.apache.org%3E" }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80@%3Ccommits.servicecomb.apache.org%3E" - }, { "refsource": "MLIST", "name": "[zookeeper-issues] 20210401 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295", @@ -284,16 +249,6 @@ "name": "[kafka-jira] 20210401 [jira] [Resolved] (KAFKA-12583) Upgrade of netty-codec due to CVE-2021-21295", "url": "https://lists.apache.org/thread.html/rc165e36ca7cb5417aec3f21bbc4ec00fb38ecebdd96a82cfab9bd56f@%3Cjira.kafka.apache.org%3E" }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c@%3Ccommits.servicecomb.apache.org%3E" - }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73@%3Ccommits.servicecomb.apache.org%3E" - }, { "refsource": "MLIST", "name": "[zookeeper-issues] 20210402 [jira] [Commented] (ZOOKEEPER-4272) Upgrade Netty library to > 4.1.60 due to security vulnerability CVE-2021-21295", @@ -384,80 +339,30 @@ "name": "[flink-issues] 20210426 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx", "url": "https://lists.apache.org/thread.html/re7c69756a102bebce8b8681882844a53e2f23975a189363e68ad0324@%3Cissues.flink.apache.org%3E" }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2@%3Ccommits.servicecomb.apache.org%3E" - }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b@%3Ccommits.servicecomb.apache.org%3E" - }, { "refsource": "MLIST", "name": "[flink-issues] 20210511 [jira] [Commented] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx", "url": "https://lists.apache.org/thread.html/r855b4b6814ac829ce2d48dd9d8138d07f33387e710de798ee92c011e@%3Cissues.flink.apache.org%3E" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20210604-0003/", - "url": "https://security.netapp.com/advisory/ntap-20210604-0003/" - }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052@%3Ccommits.servicecomb.apache.org%3E" - }, { "refsource": "MLIST", "name": "[flink-issues] 20210610 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx", "url": "https://lists.apache.org/thread.html/r0b09f3e31e004fe583f677f7afa46bd30110904576c13c5ac818ac2c@%3Cissues.flink.apache.org%3E" }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d@%3Ccommits.servicecomb.apache.org%3E" - }, { "refsource": "MLIST", "name": "[flink-issues] 20210618 [jira] [Updated] (FLINK-22441) In Flink v1.11.3 contains netty(version:3.10.6) netty(version:4.1.60) . There are many vulnerabilities, like CVE-2021-21409 etc. please confirm these version and fix. thx", "url": "https://lists.apache.org/thread.html/r602e98daacc98934f097f07f2eed6eb07c18bfc1949c8489dc7bfcf5@%3Cissues.flink.apache.org%3E" }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60@%3Ccommits.servicecomb.apache.org%3E" - }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24@%3Ccommits.servicecomb.apache.org%3E" - }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d@%3Ccommits.servicecomb.apache.org%3E" - }, { "refsource": "MLIST", "name": "[jackrabbit-dev] 20210709 [GitHub] [jackrabbit-oak] blackat opened a new pull request #321: Update netty to resolve CVE-2021-21295 and BDSA-2018-4022", "url": "https://lists.apache.org/thread.html/r3c4596b9b37f5ae91628ccf169d33cd5a0da4b16b6c39d5bad8e03f3@%3Cdev.jackrabbit.apache.org%3E" }, { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed@%3Ccommits.servicecomb.apache.org%3E" - }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468@%3Ccommits.servicecomb.apache.org%3E" - }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf@%3Ccommits.servicecomb.apache.org%3E", - "url": "https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf@%3Ccommits.servicecomb.apache.org%3E" + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210604-0003/", + "url": "https://security.netapp.com/advisory/ntap-20210604-0003/" }, { "refsource": "MLIST", @@ -520,7 +425,104 @@ "url": "https://lists.apache.org/thread.html/r584cf871f188c406d8bd447ff4e2fd9817fca862436c064d0951a071@%3Ccommits.pulsar.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/rb523bb6c60196c5f58514b86a8585c2069a4852039b45de3818b29d2@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r57245853c7245baab09eae08728c52b58fd77666538092389cc3e882@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r490ca5611c150d193b320a2608209180713b7c68e501b67b0cffb925@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r6d32fc3cd547f7c9a288a57c7f525f5d00a00d5d163613e0d10a23ef@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/rdb4db3f5a9c478ca52a7b164680b88877a5a9c174e7047676c006b2c@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de@%3Cnotifications.zookeeper.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r8db1d7b3b9acc9e8d2776395e280eb9615dd7790e1da8c57039963de@%3Cnotifications.zookeeper.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r2e93ce23e04c3f0a61e987d1111d0695cb668ac4ec4edbf237bd3e80@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/rc73b8dd01b1be276d06bdf07883ecd93fe1a01f139a99ef30ba4308c@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/rd25c88aad0e76240dd09f0eb34bdab924933946429e068a167adcb73@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r04a3e0d9f53421fb946c60cc54762b7151dc692eb4e39970a7579052@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/racc191a1f70a4f13155e8002c61bddef2870b26441971c697436ad5d@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/rf87b870a22aa5c77c27900967b518a71a7d954c2952860fce3794b60@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r16c4b55ac82be72f28adad4f8061477e5f978199d5725691dcc82c24@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/rae198f44c3f7ac5264045e6ba976be1703cff38dcf1609916e50210d@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/re4f70b62843e92163fab03b65e2aa8078693293a0c36f1cc260079ed@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/reafc834062486adfc7be5bb8f7b7793be0d33f483678a094c3f9d468@%3Ccommits.servicecomb.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf@%3Ccommits.servicecomb.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r8bcaf7821247b1836b10f6a1a3a3212b06272fd4cde4a859de1b78cf@%3Ccommits.servicecomb.apache.org%3E" } ] }, diff --git a/2021/21xxx/CVE-2021-21409.json b/2021/21xxx/CVE-2021-21409.json index e718e1ae03b..fabbd4d6986 100644 --- a/2021/21xxx/CVE-2021-21409.json +++ b/2021/21xxx/CVE-2021-21409.json @@ -360,7 +360,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/21xxx/CVE-2021-21703.json b/2021/21xxx/CVE-2021-21703.json index 353669fbaa9..78f6b071046 100644 --- a/2021/21xxx/CVE-2021-21703.json +++ b/2021/21xxx/CVE-2021-21703.json @@ -156,7 +156,9 @@ "url": "https://security.netapp.com/advisory/ntap-20211118-0003/" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22060.json b/2021/22xxx/CVE-2021-22060.json index fc34b5853ce..c7efaa6700c 100644 --- a/2021/22xxx/CVE-2021-22060.json +++ b/2021/22xxx/CVE-2021-22060.json @@ -50,7 +50,9 @@ "url": "https://tanzu.vmware.com/security/cve-2021-22060" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22096.json b/2021/22xxx/CVE-2021-22096.json index c3c3c394023..ef590628312 100644 --- a/2021/22xxx/CVE-2021-22096.json +++ b/2021/22xxx/CVE-2021-22096.json @@ -49,13 +49,15 @@ "name": "https://tanzu.vmware.com/security/cve-2021-22096", "url": "https://tanzu.vmware.com/security/cve-2021-22096" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20211125-0005/", "url": "https://security.netapp.com/advisory/ntap-20211125-0005/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22118.json b/2021/22xxx/CVE-2021-22118.json index feec812dfa8..54e874cb7af 100644 --- a/2021/22xxx/CVE-2021-22118.json +++ b/2021/22xxx/CVE-2021-22118.json @@ -70,7 +70,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22132.json b/2021/22xxx/CVE-2021-22132.json index 93417c97ce7..9472bf9e968 100644 --- a/2021/22xxx/CVE-2021-22132.json +++ b/2021/22xxx/CVE-2021-22132.json @@ -49,13 +49,15 @@ "refsource": "MISC", "name": "https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210219-0004/", "url": "https://security.netapp.com/advisory/ntap-20210219-0004/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22134.json b/2021/22xxx/CVE-2021-22134.json index a98d2593657..b6698704094 100644 --- a/2021/22xxx/CVE-2021-22134.json +++ b/2021/22xxx/CVE-2021-22134.json @@ -49,13 +49,15 @@ "refsource": "MISC", "name": "https://discuss.elastic.co/t/elastic-stack-7-11-0-security-update/265835" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210430-0006/", "url": "https://security.netapp.com/advisory/ntap-20210430-0006/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22144.json b/2021/22xxx/CVE-2021-22144.json index c03261fcc28..4fa83274c83 100644 --- a/2021/22xxx/CVE-2021-22144.json +++ b/2021/22xxx/CVE-2021-22144.json @@ -44,6 +44,11 @@ }, "references": { "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "MISC", "name": "https://discuss.elastic.co/t/elasticsearch-7-13-3-and-6-8-17-security-update/278100", @@ -53,9 +58,6 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210827-0006/", "url": "https://security.netapp.com/advisory/ntap-20210827-0006/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22145.json b/2021/22xxx/CVE-2021-22145.json index 6087131dd30..e3f23d2e9ba 100644 --- a/2021/22xxx/CVE-2021-22145.json +++ b/2021/22xxx/CVE-2021-22145.json @@ -44,6 +44,16 @@ }, "references": { "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210827-0006/", + "url": "https://security.netapp.com/advisory/ntap-20210827-0006/" + }, { "refsource": "MISC", "name": "https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177", @@ -53,14 +63,6 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html", "url": "http://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20210827-0006/", - "url": "https://security.netapp.com/advisory/ntap-20210827-0006/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22569.json b/2021/22xxx/CVE-2021-22569.json index def3cd06096..1b27062335b 100644 --- a/2021/22xxx/CVE-2021-22569.json +++ b/2021/22xxx/CVE-2021-22569.json @@ -148,7 +148,9 @@ "url": "http://www.openwall.com/lists/oss-security/2022/01/12/7" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22570.json b/2021/22xxx/CVE-2021-22570.json index 914405f58eb..7dd1c89ae63 100644 --- a/2021/22xxx/CVE-2021-22570.json +++ b/2021/22xxx/CVE-2021-22570.json @@ -114,7 +114,9 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22696.json b/2021/22xxx/CVE-2021-22696.json index 5e1ac32650a..b125bcb1128 100644 --- a/2021/22xxx/CVE-2021-22696.json +++ b/2021/22xxx/CVE-2021-22696.json @@ -111,7 +111,9 @@ "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22897.json b/2021/22xxx/CVE-2021-22897.json index 36b3cf01a07..78a9924830f 100644 --- a/2021/22xxx/CVE-2021-22897.json +++ b/2021/22xxx/CVE-2021-22897.json @@ -74,13 +74,15 @@ "name": "https://security.netapp.com/advisory/ntap-20210727-0007/", "url": "https://security.netapp.com/advisory/ntap-20210727-0007/" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22898.json b/2021/22xxx/CVE-2021-22898.json index 6fbba3a409b..82d9da7cb01 100644 --- a/2021/22xxx/CVE-2021-22898.json +++ b/2021/22xxx/CVE-2021-22898.json @@ -94,13 +94,15 @@ "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22901.json b/2021/22xxx/CVE-2021-22901.json index bf5c630bb3c..1240f794cb8 100644 --- a/2021/22xxx/CVE-2021-22901.json +++ b/2021/22xxx/CVE-2021-22901.json @@ -79,13 +79,15 @@ "name": "https://security.netapp.com/advisory/ntap-20210727-0007/", "url": "https://security.netapp.com/advisory/ntap-20210727-0007/" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22946.json b/2021/22xxx/CVE-2021-22946.json index 072ad2e833a..54f6331f032 100644 --- a/2021/22xxx/CVE-2021-22946.json +++ b/2021/22xxx/CVE-2021-22946.json @@ -84,6 +84,16 @@ "name": "https://security.netapp.com/advisory/ntap-20220121-0008/", "url": "https://security.netapp.com/advisory/ntap-20220121-0008/" }, + { + "refsource": "FULLDISC", + "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", + "url": "http://seclists.org/fulldisclosure/2022/Mar/29" + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", @@ -93,14 +103,6 @@ "refsource": "CONFIRM", "name": "https://support.apple.com/kb/HT213183", "url": "https://support.apple.com/kb/HT213183" - }, - { - "refsource": "FULLDISC", - "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", - "url": "http://seclists.org/fulldisclosure/2022/Mar/29" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22947.json b/2021/22xxx/CVE-2021-22947.json index f53c81051d3..5117ec1f86d 100644 --- a/2021/22xxx/CVE-2021-22947.json +++ b/2021/22xxx/CVE-2021-22947.json @@ -79,6 +79,16 @@ "name": "https://security.netapp.com/advisory/ntap-20211029-0003/", "url": "https://security.netapp.com/advisory/ntap-20211029-0003/" }, + { + "refsource": "FULLDISC", + "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", + "url": "http://seclists.org/fulldisclosure/2022/Mar/29" + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", @@ -88,14 +98,6 @@ "refsource": "CONFIRM", "name": "https://support.apple.com/kb/HT213183", "url": "https://support.apple.com/kb/HT213183" - }, - { - "refsource": "FULLDISC", - "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", - "url": "http://seclists.org/fulldisclosure/2022/Mar/29" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/23xxx/CVE-2021-23017.json b/2021/23xxx/CVE-2021-23017.json index fb657038ca9..3a13f984192 100644 --- a/2021/23xxx/CVE-2021-23017.json +++ b/2021/23xxx/CVE-2021-23017.json @@ -105,7 +105,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/23xxx/CVE-2021-23450.json b/2021/23xxx/CVE-2021-23450.json index 7588e3ed55f..0d49f7ec1d3 100644 --- a/2021/23xxx/CVE-2021-23450.json +++ b/2021/23xxx/CVE-2021-23450.json @@ -78,7 +78,9 @@ "name": "https://github.com/dojo/dojo/blob/4c39c14349408fc8274e19b399ffc660512ed07c/_base/lang.js%23L172" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/23xxx/CVE-2021-23463.json b/2021/23xxx/CVE-2021-23463.json index f6c2f82346e..d3c879b67bd 100644 --- a/2021/23xxx/CVE-2021-23463.json +++ b/2021/23xxx/CVE-2021-23463.json @@ -72,7 +72,9 @@ "name": "https://github.com/h2database/h2database/commit/d83285fd2e48fb075780ee95badee6f5a15ea7f8%23diff-008c2e4462609982199cd83e7cf6f1d6b41296b516783f6752c44b9f15dc7bc3" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/23xxx/CVE-2021-23839.json b/2021/23xxx/CVE-2021-23839.json index df823b66b28..81313489a69 100644 --- a/2021/23xxx/CVE-2021-23839.json +++ b/2021/23xxx/CVE-2021-23839.json @@ -103,7 +103,9 @@ "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/23xxx/CVE-2021-23840.json b/2021/23xxx/CVE-2021-23840.json index 3c725553f77..927b749c418 100644 --- a/2021/23xxx/CVE-2021-23840.json +++ b/2021/23xxx/CVE-2021-23840.json @@ -155,13 +155,15 @@ "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/23xxx/CVE-2021-23841.json b/2021/23xxx/CVE-2021-23841.json index 616fb0f1e8d..3b11789a5c1 100644 --- a/2021/23xxx/CVE-2021-23841.json +++ b/2021/23xxx/CVE-2021-23841.json @@ -166,7 +166,9 @@ "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/25xxx/CVE-2021-25219.json b/2021/25xxx/CVE-2021-25219.json index 0adedccb235..94fd38a120f 100644 --- a/2021/25xxx/CVE-2021-25219.json +++ b/2021/25xxx/CVE-2021-25219.json @@ -130,9 +130,9 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EF4NAVRV4H3W4GA3LGGZYUKD3HSJBAVW/" }, { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211118-0002/", - "url": "https://security.netapp.com/advisory/ntap-20211118-0002/" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "refsource": "CONFIRM", @@ -140,7 +140,9 @@ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20211118-0002/", + "url": "https://security.netapp.com/advisory/ntap-20211118-0002/" } ] }, diff --git a/2021/26xxx/CVE-2021-26291.json b/2021/26xxx/CVE-2021-26291.json index ea43e3cdea6..008031f8cb7 100644 --- a/2021/26xxx/CVE-2021-26291.json +++ b/2021/26xxx/CVE-2021-26291.json @@ -154,26 +154,11 @@ "name": "[kafka-commits] 20210521 [kafka] branch 2.7 updated: KAFKA-12820: Upgrade maven-artifact dependency to resolve CVE-2021-26291", "url": "https://lists.apache.org/thread.html/r86aebd0387ae19b740b3eb28bad83fe6aceca0d6257eaa810a6e0002@%3Ccommits.kafka.apache.org%3E" }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5@%3Cdev.kafka.apache.org%3E", - "url": "https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5@%3Cdev.kafka.apache.org%3E" - }, - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac@%3Cdev.kafka.apache.org%3E", - "url": "https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac@%3Cdev.kafka.apache.org%3E" - }, { "refsource": "MLIST", "name": "[kafka-users] 20210617 vulnerabilities", "url": "https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E" }, - { - "refsource": "MISC", - "name": "https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291/", - "url": "https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291/" - }, { "refsource": "MLIST", "name": "[karaf-issues] 20210718 [jira] [Created] (KARAF-7224) Impact of CVE-2021-26291 on Karaf", @@ -275,7 +260,24 @@ "url": "https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c@%3Cissues.karaf.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5@%3Cdev.kafka.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5@%3Cdev.kafka.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac@%3Cdev.kafka.apache.org%3E", + "url": "https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac@%3Cdev.kafka.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291/", + "url": "https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291/" } ] }, diff --git a/2021/27xxx/CVE-2021-27568.json b/2021/27xxx/CVE-2021-27568.json index dbb871186d9..1d38c2eca41 100644 --- a/2021/27xxx/CVE-2021-27568.json +++ b/2021/27xxx/CVE-2021-27568.json @@ -88,7 +88,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/27xxx/CVE-2021-27807.json b/2021/27xxx/CVE-2021-27807.json index 79147770df4..c23db1ef446 100644 --- a/2021/27xxx/CVE-2021-27807.json +++ b/2021/27xxx/CVE-2021-27807.json @@ -171,7 +171,9 @@ "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/27xxx/CVE-2021-27906.json b/2021/27xxx/CVE-2021-27906.json index c351f35e740..2729be1da59 100644 --- a/2021/27xxx/CVE-2021-27906.json +++ b/2021/27xxx/CVE-2021-27906.json @@ -171,7 +171,9 @@ "name": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/28xxx/CVE-2021-28163.json b/2021/28xxx/CVE-2021-28163.json index 9580e0bed7c..527cef21266 100644 --- a/2021/28xxx/CVE-2021-28163.json +++ b/2021/28xxx/CVE-2021-28163.json @@ -206,7 +206,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/28xxx/CVE-2021-28164.json b/2021/28xxx/CVE-2021-28164.json index 2c9836518d3..7c83d1dfd88 100644 --- a/2021/28xxx/CVE-2021-28164.json +++ b/2021/28xxx/CVE-2021-28164.json @@ -193,7 +193,9 @@ "url": "http://packetstormsecurity.com/files/164590/Jetty-9.4.37.v20210219-Information-Disclosure.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/28xxx/CVE-2021-28165.json b/2021/28xxx/CVE-2021-28165.json index 01f5521d4c2..d6eb0567e11 100644 --- a/2021/28xxx/CVE-2021-28165.json +++ b/2021/28xxx/CVE-2021-28165.json @@ -619,7 +619,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/28xxx/CVE-2021-28168.json b/2021/28xxx/CVE-2021-28168.json index af3f1ffe700..800b6262cd1 100644 --- a/2021/28xxx/CVE-2021-28168.json +++ b/2021/28xxx/CVE-2021-28168.json @@ -171,7 +171,9 @@ "url": "https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/28xxx/CVE-2021-28169.json b/2021/28xxx/CVE-2021-28169.json index 36b68a884ce..ab7a185dafd 100644 --- a/2021/28xxx/CVE-2021-28169.json +++ b/2021/28xxx/CVE-2021-28169.json @@ -184,7 +184,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/28xxx/CVE-2021-28170.json b/2021/28xxx/CVE-2021-28170.json index 57321eb6605..3c640727bc5 100644 --- a/2021/28xxx/CVE-2021-28170.json +++ b/2021/28xxx/CVE-2021-28170.json @@ -68,7 +68,9 @@ "url": "https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/28xxx/CVE-2021-28657.json b/2021/28xxx/CVE-2021-28657.json index f76cc9cb0a1..3b04524cf0f 100644 --- a/2021/28xxx/CVE-2021-28657.json +++ b/2021/28xxx/CVE-2021-28657.json @@ -86,7 +86,9 @@ "url": "https://security.netapp.com/advisory/ntap-20210507-0004/" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/29xxx/CVE-2021-29425.json b/2021/29xxx/CVE-2021-29425.json index 895bcd0293d..4e76c6da668 100644 --- a/2021/29xxx/CVE-2021-29425.json +++ b/2021/29xxx/CVE-2021-29425.json @@ -298,13 +298,15 @@ "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20220210-0004/", "url": "https://security.netapp.com/advisory/ntap-20220210-0004/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/29xxx/CVE-2021-29505.json b/2021/29xxx/CVE-2021-29505.json index 513dd53a6d2..8aac88af15a 100644 --- a/2021/29xxx/CVE-2021-29505.json +++ b/2021/29xxx/CVE-2021-29505.json @@ -133,7 +133,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/29xxx/CVE-2021-29921.json b/2021/29xxx/CVE-2021-29921.json index 8faf7051da6..43a20d977ad 100644 --- a/2021/29xxx/CVE-2021-29921.json +++ b/2021/29xxx/CVE-2021-29921.json @@ -118,7 +118,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/30xxx/CVE-2021-30129.json b/2021/30xxx/CVE-2021-30129.json index 58fda9450af..f407d7d690f 100644 --- a/2021/30xxx/CVE-2021-30129.json +++ b/2021/30xxx/CVE-2021-30129.json @@ -87,7 +87,9 @@ "url": "http://www.openwall.com/lists/oss-security/2021/07/12/1" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/30xxx/CVE-2021-30468.json b/2021/30xxx/CVE-2021-30468.json index e5b2e9742dd..82605acb1c6 100644 --- a/2021/30xxx/CVE-2021-30468.json +++ b/2021/30xxx/CVE-2021-30468.json @@ -134,7 +134,9 @@ "url": "https://security.netapp.com/advisory/ntap-20210917-0002/" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/31xxx/CVE-2021-31799.json b/2021/31xxx/CVE-2021-31799.json index 4f94357cee0..0ca9a3af091 100644 --- a/2021/31xxx/CVE-2021-31799.json +++ b/2021/31xxx/CVE-2021-31799.json @@ -52,6 +52,16 @@ }, "references": { "reference_data": [ + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html" + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "MISC", "name": "https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc/", @@ -66,14 +76,6 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210902-0004/", "url": "https://security.netapp.com/advisory/ntap-20210902-0004/" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/31xxx/CVE-2021-31810.json b/2021/31xxx/CVE-2021-31810.json index 775789f1d05..debff3efee8 100644 --- a/2021/31xxx/CVE-2021-31810.json +++ b/2021/31xxx/CVE-2021-31810.json @@ -57,28 +57,30 @@ "refsource": "MISC", "name": "https://hackerone.com/reports/1145454" }, - { - "refsource": "MISC", - "name": "https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/", - "url": "https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/" - }, { "refsource": "FEDORA", "name": "FEDORA-2021-36cdab1f8d", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWXHK5UUHVSHF7HTHMX6JY3WXDVNIHSL/" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20210917-0001/", - "url": "https://security.netapp.com/advisory/ntap-20210917-0001/" - }, { "refsource": "MLIST", "name": "[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "MISC", + "name": "https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/", + "url": "https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210917-0001/", + "url": "https://security.netapp.com/advisory/ntap-20210917-0001/" } ] } diff --git a/2021/31xxx/CVE-2021-31811.json b/2021/31xxx/CVE-2021-31811.json index 7aca35aa587..11d895d7bfd 100644 --- a/2021/31xxx/CVE-2021-31811.json +++ b/2021/31xxx/CVE-2021-31811.json @@ -145,7 +145,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/31xxx/CVE-2021-31812.json b/2021/31xxx/CVE-2021-31812.json index ee22e6826cd..b82b25aa5a0 100644 --- a/2021/31xxx/CVE-2021-31812.json +++ b/2021/31xxx/CVE-2021-31812.json @@ -140,7 +140,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/32xxx/CVE-2021-32066.json b/2021/32xxx/CVE-2021-32066.json index db7497f6e70..697d03615ed 100644 --- a/2021/32xxx/CVE-2021-32066.json +++ b/2021/32xxx/CVE-2021-32066.json @@ -57,6 +57,21 @@ "refsource": "MISC", "name": "https://hackerone.com/reports/1178562" }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update", + "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html" + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210902-0004/", + "url": "https://security.netapp.com/advisory/ntap-20210902-0004/" + }, { "refsource": "CONFIRM", "name": "https://www.ruby-lang.org/en/news/2021/07/07/starttls-stripping-in-net-imap/", @@ -66,19 +81,6 @@ "refsource": "CONFIRM", "name": "https://github.com/ruby/ruby/commit/a21a3b7d23704a01d34bd79d09dc37897e00922a", "url": "https://github.com/ruby/ruby/commit/a21a3b7d23704a01d34bd79d09dc37897e00922a" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20210902-0004/", - "url": "https://security.netapp.com/advisory/ntap-20210902-0004/" - }, - { - "refsource": "MLIST", - "name": "[debian-lts-announce] 20211013 [SECURITY] [DLA 2780-1] ruby2.3 security update", - "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00009.html" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/32xxx/CVE-2021-32626.json b/2021/32xxx/CVE-2021-32626.json index d9263ba5827..7bcf6272e71 100644 --- a/2021/32xxx/CVE-2021-32626.json +++ b/2021/32xxx/CVE-2021-32626.json @@ -113,18 +113,20 @@ "name": "FEDORA-2021-aa94492a09", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, { "refsource": "DEBIAN", "name": "DSA-5001", "url": "https://www.debian.org/security/2021/dsa-5001" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", + "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" } ] }, diff --git a/2021/32xxx/CVE-2021-32627.json b/2021/32xxx/CVE-2021-32627.json index 4619dee77ee..76548646904 100644 --- a/2021/32xxx/CVE-2021-32627.json +++ b/2021/32xxx/CVE-2021-32627.json @@ -108,18 +108,20 @@ "name": "FEDORA-2021-aa94492a09", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, { "refsource": "DEBIAN", "name": "DSA-5001", "url": "https://www.debian.org/security/2021/dsa-5001" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", + "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" } ] }, diff --git a/2021/32xxx/CVE-2021-32628.json b/2021/32xxx/CVE-2021-32628.json index 525a784e8be..900bff46e05 100644 --- a/2021/32xxx/CVE-2021-32628.json +++ b/2021/32xxx/CVE-2021-32628.json @@ -108,18 +108,20 @@ "name": "FEDORA-2021-aa94492a09", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, { "refsource": "DEBIAN", "name": "DSA-5001", "url": "https://www.debian.org/security/2021/dsa-5001" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", + "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" } ] }, diff --git a/2021/32xxx/CVE-2021-32672.json b/2021/32xxx/CVE-2021-32672.json index 38a486ab565..a8bbb3a9a57 100644 --- a/2021/32xxx/CVE-2021-32672.json +++ b/2021/32xxx/CVE-2021-32672.json @@ -41,7 +41,7 @@ "description_data": [ { "lang": "eng", - "value": "Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger\u2019s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14." + "value": "Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger\u2019s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14." } ] }, @@ -100,18 +100,20 @@ "name": "FEDORA-2021-aa94492a09", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, { "refsource": "DEBIAN", "name": "DSA-5001", "url": "https://www.debian.org/security/2021/dsa-5001" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", + "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" } ] }, diff --git a/2021/32xxx/CVE-2021-32675.json b/2021/32xxx/CVE-2021-32675.json index 230453818b4..3745a236b2e 100644 --- a/2021/32xxx/CVE-2021-32675.json +++ b/2021/32xxx/CVE-2021-32675.json @@ -105,18 +105,20 @@ "name": "FEDORA-2021-aa94492a09", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, { "refsource": "DEBIAN", "name": "DSA-5001", "url": "https://www.debian.org/security/2021/dsa-5001" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", + "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" } ] }, diff --git a/2021/32xxx/CVE-2021-32687.json b/2021/32xxx/CVE-2021-32687.json index 9148e11717c..bf045066b42 100644 --- a/2021/32xxx/CVE-2021-32687.json +++ b/2021/32xxx/CVE-2021-32687.json @@ -108,18 +108,20 @@ "name": "FEDORA-2021-aa94492a09", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, { "refsource": "DEBIAN", "name": "DSA-5001", "url": "https://www.debian.org/security/2021/dsa-5001" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", + "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" } ] }, diff --git a/2021/32xxx/CVE-2021-32762.json b/2021/32xxx/CVE-2021-32762.json index 347faa69383..866fe0cd3c3 100644 --- a/2021/32xxx/CVE-2021-32762.json +++ b/2021/32xxx/CVE-2021-32762.json @@ -108,18 +108,20 @@ "name": "FEDORA-2021-aa94492a09", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", - "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" - }, { "refsource": "DEBIAN", "name": "DSA-5001", "url": "https://www.debian.org/security/2021/dsa-5001" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20211104-0003/", + "url": "https://security.netapp.com/advisory/ntap-20211104-0003/" } ] }, diff --git a/2021/32xxx/CVE-2021-32785.json b/2021/32xxx/CVE-2021-32785.json index c2b58acdc9a..fdbe2e404a0 100644 --- a/2021/32xxx/CVE-2021-32785.json +++ b/2021/32xxx/CVE-2021-32785.json @@ -84,13 +84,15 @@ "refsource": "MISC", "url": "https://github.com/zmartzone/mod_auth_openidc/releases/tag/v2.4.9" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210902-0001/", "url": "https://security.netapp.com/advisory/ntap-20210902-0001/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/32xxx/CVE-2021-32786.json b/2021/32xxx/CVE-2021-32786.json index 48a0e1027a7..c155dda16d3 100644 --- a/2021/32xxx/CVE-2021-32786.json +++ b/2021/32xxx/CVE-2021-32786.json @@ -99,13 +99,15 @@ "name": "FEDORA-2021-17f5cedf66", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXAWKPT5LXZSUTFSJ6IWSZC7RMYYQXQD/" }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20210902-0001/", "url": "https://security.netapp.com/advisory/ntap-20210902-0001/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/32xxx/CVE-2021-32791.json b/2021/32xxx/CVE-2021-32791.json index f639f1fdce8..146a9f15def 100644 --- a/2021/32xxx/CVE-2021-32791.json +++ b/2021/32xxx/CVE-2021-32791.json @@ -103,7 +103,9 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXAWKPT5LXZSUTFSJ6IWSZC7RMYYQXQD/" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/32xxx/CVE-2021-32792.json b/2021/32xxx/CVE-2021-32792.json index 538a732d044..ca1968cd913 100644 --- a/2021/32xxx/CVE-2021-32792.json +++ b/2021/32xxx/CVE-2021-32792.json @@ -100,7 +100,9 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXAWKPT5LXZSUTFSJ6IWSZC7RMYYQXQD/" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/33xxx/CVE-2021-33037.json b/2021/33xxx/CVE-2021-33037.json index 40bde913eb9..c2b4c0c8ddb 100644 --- a/2021/33xxx/CVE-2021-33037.json +++ b/2021/33xxx/CVE-2021-33037.json @@ -148,7 +148,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/33xxx/CVE-2021-33193.json b/2021/33xxx/CVE-2021-33193.json index dbd9fcfe718..2e2e12f4935 100644 --- a/2021/33xxx/CVE-2021-33193.json +++ b/2021/33xxx/CVE-2021-33193.json @@ -119,7 +119,9 @@ "url": "https://www.tenable.com/security/tns-2021-17" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/33xxx/CVE-2021-33560.json b/2021/33xxx/CVE-2021-33560.json index 5c72c20b7c6..bcc4f6bde21 100644 --- a/2021/33xxx/CVE-2021-33560.json +++ b/2021/33xxx/CVE-2021-33560.json @@ -98,7 +98,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/33xxx/CVE-2021-33813.json b/2021/33xxx/CVE-2021-33813.json index bfbb64fecde..5300f3acb70 100644 --- a/2021/33xxx/CVE-2021-33813.json +++ b/2021/33xxx/CVE-2021-33813.json @@ -62,11 +62,6 @@ "refsource": "MISC", "name": "https://github.com/hunterhacker/jdom/releases" }, - { - "refsource": "MISC", - "name": "https://alephsecurity.com/vulns/aleph-2021003", - "url": "https://alephsecurity.com/vulns/aleph-2021003" - }, { "refsource": "MLIST", "name": "[debian-lts-announce] 20210629 [SECURITY] [DLA 2696-1] libjdom2-java security update", @@ -128,7 +123,14 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWFVYTHGILOQXUA7U3SPOERQXL7OPSZG/" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" + }, + { + "refsource": "MISC", + "name": "https://alephsecurity.com/vulns/aleph-2021003", + "url": "https://alephsecurity.com/vulns/aleph-2021003" } ] } diff --git a/2021/33xxx/CVE-2021-33880.json b/2021/33xxx/CVE-2021-33880.json index d4fd266f08d..3ad5f2d442e 100644 --- a/2021/33xxx/CVE-2021-33880.json +++ b/2021/33xxx/CVE-2021-33880.json @@ -63,7 +63,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/34xxx/CVE-2021-34428.json b/2021/34xxx/CVE-2021-34428.json index 740384fac13..199c4adb795 100644 --- a/2021/34xxx/CVE-2021-34428.json +++ b/2021/34xxx/CVE-2021-34428.json @@ -136,7 +136,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/34xxx/CVE-2021-34429.json b/2021/34xxx/CVE-2021-34429.json index 90908e559bf..640e6ddc1b9 100644 --- a/2021/34xxx/CVE-2021-34429.json +++ b/2021/34xxx/CVE-2021-34429.json @@ -269,7 +269,9 @@ "url": "https://security.netapp.com/advisory/ntap-20210819-0006/" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2021/34xxx/CVE-2021-34798.json b/2021/34xxx/CVE-2021-34798.json index 9a43d74e024..ae751d2d95c 100644 --- a/2021/34xxx/CVE-2021-34798.json +++ b/2021/34xxx/CVE-2021-34798.json @@ -140,7 +140,9 @@ "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10379" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] }, diff --git a/2021/35xxx/CVE-2021-35043.json b/2021/35xxx/CVE-2021-35043.json index 1cf58dc1655..a68880129cf 100644 --- a/2021/35xxx/CVE-2021-35043.json +++ b/2021/35xxx/CVE-2021-35043.json @@ -73,7 +73,9 @@ "name": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" + "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ] } diff --git a/2022/24xxx/CVE-2022-24826.json b/2022/24xxx/CVE-2022-24826.json index 47925889c10..fd720226881 100644 --- a/2022/24xxx/CVE-2022-24826.json +++ b/2022/24xxx/CVE-2022-24826.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting the attacker to execute arbitrary code. This does not affect Unix systems.\n\nSimilarly, if the malicious repository contains files named `..exe` and `cygpath.exe`, and `cygpath.exe` is not found in `PATH`, the `..exe` program will be executed when certain Git LFS commands are run.\n\nMore generally, if the current working directory contains any file with a base name of `.` and a file extension from `PATHEXT` (except `.bat` and `.cmd`), and also contains another file with the same base name as a program Git LFS intends to execute (such as `git`, `cygpath`, or `uname`) and any file extension from `PATHEXT` (including `.bat` and `.cmd`), then, on Windows, when Git LFS attempts to execute the intended program the `..exe`, `..com`, etc., file will be executed instead, but only if the intended program is not found in any directory listed in `PATH`.\n\nThe vulnerability occurs because when Git LFS detects that the program it intends to run does not exist in any directory listed in `PATH` then Git LFS passes an empty string as the executable file path to the Go `os/exec` package, which contains a bug such that, on Windows, it prepends the name of the current working directory (i.e., `.`) to the empty string without adding a path separator, and as a result searches in that directory for a file with the base name `.` combined with any file extension from `PATHEXT`, executing the first one it finds.\n\n(The reason `..bat` and `..cmd` files are not executed in the same manner is that, although the Go `os/exec` package tries to execute them just as it does a `..exe` file, the Microsoft Win32 API `CreateProcess()` family of functions have an undocumented feature in that they apparently recognize when a caller is attempting to execute a batch script file and instead run the `cmd.exe` command interpreter, passing the full set of command line arguments as parameters. These are unchanged from the command line arguments set by Git LFS, and as such, the intended program's name is the first, resulting in a command line like `cmd.exe /c git`, which then fails.)\n\nGit LFS has resolved this vulnerability by always reporting an error when a program is not found in any directory listed in `PATH` rather than passing an empty string to the Go `os/exec` package in this case.\n\nThe bug in the Go `os/exec` package has been reported to the Go project and is expected to be patched after this security advisory is published.\n\nThe problem was introduced in version 2.12.1 and is patched in version 3.1.3. Users of affected versions should upgrade to version 3.1.3. There are currently no known workarounds at this time." + "value": "On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..exe` program will be executed, permitting the attacker to execute arbitrary code. This does not affect Unix systems. Similarly, if the malicious repository contains files named `..exe` and `cygpath.exe`, and `cygpath.exe` is not found in `PATH`, the `..exe` program will be executed when certain Git LFS commands are run. More generally, if the current working directory contains any file with a base name of `.` and a file extension from `PATHEXT` (except `.bat` and `.cmd`), and also contains another file with the same base name as a program Git LFS intends to execute (such as `git`, `cygpath`, or `uname`) and any file extension from `PATHEXT` (including `.bat` and `.cmd`), then, on Windows, when Git LFS attempts to execute the intended program the `..exe`, `..com`, etc., file will be executed instead, but only if the intended program is not found in any directory listed in `PATH`. The vulnerability occurs because when Git LFS detects that the program it intends to run does not exist in any directory listed in `PATH` then Git LFS passes an empty string as the executable file path to the Go `os/exec` package, which contains a bug such that, on Windows, it prepends the name of the current working directory (i.e., `.`) to the empty string without adding a path separator, and as a result searches in that directory for a file with the base name `.` combined with any file extension from `PATHEXT`, executing the first one it finds. (The reason `..bat` and `..cmd` files are not executed in the same manner is that, although the Go `os/exec` package tries to execute them just as it does a `..exe` file, the Microsoft Win32 API `CreateProcess()` family of functions have an undocumented feature in that they apparently recognize when a caller is attempting to execute a batch script file and instead run the `cmd.exe` command interpreter, passing the full set of command line arguments as parameters. These are unchanged from the command line arguments set by Git LFS, and as such, the intended program's name is the first, resulting in a command line like `cmd.exe /c git`, which then fails.) Git LFS has resolved this vulnerability by always reporting an error when a program is not found in any directory listed in `PATH` rather than passing an empty string to the Go `os/exec` package in this case. The bug in the Go `os/exec` package has been reported to the Go project and is expected to be patched after this security advisory is published. The problem was introduced in version 2.12.1 and is patched in version 3.1.3. Users of affected versions should upgrade to version 3.1.3. There are currently no known workarounds at this time." } ] }, @@ -69,15 +69,15 @@ }, "references": { "reference_data": [ - { - "name": "https://github.com/git-lfs/git-lfs/security/advisories/GHSA-6rw3-3whw-jvjj", - "refsource": "CONFIRM", - "url": "https://github.com/git-lfs/git-lfs/security/advisories/GHSA-6rw3-3whw-jvjj" - }, { "name": "https://github.com/git-lfs/git-lfs/releases", "refsource": "MISC", "url": "https://github.com/git-lfs/git-lfs/releases" + }, + { + "name": "https://github.com/git-lfs/git-lfs/security/advisories/GHSA-6rw3-3whw-jvjj", + "refsource": "CONFIRM", + "url": "https://github.com/git-lfs/git-lfs/security/advisories/GHSA-6rw3-3whw-jvjj" } ] }, diff --git a/2022/24xxx/CVE-2022-24860.json b/2022/24xxx/CVE-2022-24860.json index f8cab293419..05dde28b44e 100644 --- a/2022/24xxx/CVE-2022-24860.json +++ b/2022/24xxx/CVE-2022-24860.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability. An attacker can use hard coding to generate login credentials of any user and log in to the service background located at different IP addresses. \n\n" + "value": "Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability. An attacker can use hard coding to generate login credentials of any user and log in to the service background located at different IP addresses." } ] },