admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-10 02:04:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-03-10 17:38:17 +00:00
parent ae1dbf7136
commit 7cf47a07fb
No known key found for this signature in database
GPG Key ID: 08789936A25A004E
8 changed files with 292 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
2021/43xxx/CVE-2021-43976.json
View File

@ -76,6 +76,21 @@
"refsource": "DEBIAN",
"name": "DSA-5092",
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
]
}

83
2022/0xxx/CVE-2022-0890.json
View File

@ -1,18 +1,89 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0890",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "NULL Pointer Dereference in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276"
},
{
"name": "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa"
}
]
},
"source": {
"advisory": "68e09ec1-6cc7-48b8-981d-30f478c70276",
"discovery": "EXTERNAL"
}
}

89
2022/0xxx/CVE-2022-0891.json
View File

@ -4,15 +4,96 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-0891",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@gitlab.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "libtiff",
"product": {
"product_data": [
{
"product_name": "libtiff",
"version": {
"version_data": [
{
"version_value": ">=3.9.0, <=4.3.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in libtiff"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitlab.com/libtiff/libtiff/-/issues/380",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/380",
"refsource": "MISC"
},
{
"name": "https://gitlab.com/libtiff/libtiff/-/issues/382",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/382",
"refsource": "MISC"
},
{
"name": "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c",
"url": "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c",
"refsource": "MISC"
},
{
"name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json",
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact"
}
]
}
},
"impact": {
"cvss": {
"vectorString": "AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"version": "3.1",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
}
},
"credit": [
{
"lang": "eng",
"value": "shahchintanh@gmail.com"
}
]
}

15
2022/24xxx/CVE-2022-24448.json
View File

@ -76,6 +76,21 @@
"refsource": "DEBIAN",
"name": "DSA-5092",
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
]
}

10
2022/24xxx/CVE-2022-24959.json
View File

@ -66,6 +66,16 @@
"refsource": "DEBIAN",
"name": "DSA-5092",
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
]
}

15
2022/25xxx/CVE-2022-25258.json
View File

@ -76,6 +76,21 @@
"refsource": "DEBIAN",
"name": "DSA-5092",
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
]
}

15
2022/25xxx/CVE-2022-25375.json
View File

@ -76,6 +76,21 @@
"refsource": "DEBIAN",
"name": "DSA-5092",
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
}
]
}

66
2022/26xxx/CVE-2022-26652.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-26652",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-26652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NATS nats-server before 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams. nats-streaming-server before 0.24.3 is also affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/nats-io/nats-server/releases",
"refsource": "MISC",
"name": "https://github.com/nats-io/nats-server/releases"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/nats-io/nats-server/security/advisories/GHSA-6h3m-36w8-hv68",
"url": "https://github.com/nats-io/nats-server/security/advisories/GHSA-6h3m-36w8-hv68"
},
{
"refsource": "CONFIRM",
"name": "https://advisories.nats.io/CVE/CVE-2022-26652.txt",
"url": "https://advisories.nats.io/CVE/CVE-2022-26652.txt"
}
]
}