admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-06-10 11:00:51 +00:00
parent d8a8573345
commit 7cf78e3080
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
15 changed files with 254 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/10xxx/CVE-2018-10237.json
View File

@ -301,6 +301,11 @@
"refsource": "MLIST",
"name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E"
}
]
}

10
2019/17xxx/CVE-2019-17567.json
View File

@ -193,6 +193,16 @@
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"name": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-announce] 20210609 CVE-2019-17567: mod_proxy_wstunnel tunneling of non Upgraded connections",
"url": "https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c@%3Cannounce.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
}
]
},

5
2019/17xxx/CVE-2019-17640.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r8383b5e7344a8b872e430ad72241b84b83e9701d275c602cfe34a941@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r8383b5e7344a8b872e430ad72241b84b83e9701d275c602cfe34a941@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[pulsar-commits] 20210610 [GitHub] [pulsar] lhotari opened a new pull request #10889: [Security] Upgrade vertx to 3.9.8 to address CVE-2019-17640",
"url": "https://lists.apache.org/thread.html/rfd0ebf8387cfd0b959d1e218797e709793cce51a5ea2f84d0976f47d@%3Ccommits.pulsar.apache.org%3E"
}
]
}

10
2020/13xxx/CVE-2020-13938.json
View File

@ -218,6 +218,16 @@
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"name": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-announce] 20210609 CVE-2020-13938: Improper Handling of Insufficient Privileges",
"url": "https://lists.apache.org/thread.html/r5fdc4fbbc7ddb816c843329a9accdcf284ade86e8d77b8c2a6d9bc30@%3Cannounce.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
}
]
},

10
2020/13xxx/CVE-2020-13950.json
View File

@ -88,6 +88,16 @@
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"name": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-announce] 20210609 CVE-2020-13950: mod_proxy_http NULL pointer dereference",
"url": "https://lists.apache.org/thread.html/rbe197409ae4a58b629fb792d1aed541ccbbf865121a80e1c5938d223@%3Cannounce.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
}
]
},

10
2020/35xxx/CVE-2020-35452.json
View File

@ -218,6 +218,16 @@
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"name": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-announce] 20210609 CVE-2020-35452: mod_auth_digest possible stack overflow by one nul byte",
"url": "https://lists.apache.org/thread.html/rccb1b8225583a48c6360edc7a93cc97ae8b0215791e455dc607e7602@%3Cannounce.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
}
]
},

5
2020/8xxx/CVE-2020-8908.json
View File

@ -141,6 +141,11 @@
"refsource": "MLIST",
"name": "[myfaces-dev] 20210506 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #817: build: CVE fix",
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E"
}
]
},

10
2021/26xxx/CVE-2021-26690.json
View File

@ -218,6 +218,16 @@
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"name": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-announce] 20210609 CVE-2021-26690: mod_session NULL pointer dereference",
"url": "https://lists.apache.org/thread.html/rae406c1d19c0dfd3103c96923dadac2af1cd0bad6905ab1ede153865@%3Cannounce.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
}
]
},

10
2021/26xxx/CVE-2021-26691.json
View File

@ -218,6 +218,16 @@
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"name": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-announce] 20210609 CVE-2021-26691: mod_session response handling heap overflow",
"url": "https://lists.apache.org/thread.html/r50cae1b71f1e7421069036b213c26da7d8f47dd59874e3bd956959fe@%3Cannounce.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
}
]
},

6
2021/27xxx/CVE-2021-27612.json
View File

@ -20,11 +20,11 @@
"version_data": [
{
"version_name": "<",
"version_value": "7.60"
"version_value": "7.60 PL10"
},
{
"version_name": "<",
"version_value": "7.70"
"version_value": "7.70 PL1"
}
]
}
@ -39,7 +39,7 @@
"description_data": [
{
"lang": "eng",
"value": "In specific situations SAP GUI for Windows, versions - 7.60, 7.70 forwards a user to specific malicious website which could contain malware or might lead to phishing attacks to steal credentials of the victim."
"value": "In specific situations SAP GUI for Windows, versions - 7.60 PL10, 7.70 PL1, forwards a user to specific malicious website which could contain malware or might lead to phishing attacks to steal credentials of the victim."
}
]
},

10
2021/30xxx/CVE-2021-30641.json
View File

@ -93,6 +93,16 @@
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"name": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-announce] 20210609 CVE-2021-30641: Unexpected URL matching with 'MergeSlashes OFF'",
"url": "https://lists.apache.org/thread.html/r2b4773944d83d2799de9fbaeee7fe0f3fd72669467787e02f434cb10@%3Cannounce.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
}
]
},

51
2021/31xxx/CVE-2021-31342.json
View File

@ -1,35 +1,28 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-31342",
"STATE": "PUBLIC"
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2021-31342",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2020",
"product_name": "Siemens Solid Edge",
"version": {
"version_data": [
{
"version_value": "All Versions < 2020MP14"
}
]
}
},
{
"product_name": "Solid Edge SE2021",
"version": {
"version_data": [
"version_value": "Solid Edge SE2020 \u2013 All versions before 2020MP14"
},
{
"version_value": "All Versions < SE2021MP5"
"version_value": "Solid Edge SE2021 \u2013 All versions before SE2021MP5"
}
]
}
@ -46,26 +39,26 @@
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
"value": "OUT-OF-BOUNDS WRITE CWE-787"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Solid Edge SE2020 (All Versions < 2020MP14), Solid Edge SE2021 (All Versions < SE2021MP5). The ugeom2d.dll library lacks proper validation of user-supplied data when parsing DFT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12993)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-208356.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-208356.pdf"
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-09",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-09"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ugeom2d.dll library in all versions of Solid Edge SE2020 before 2020MP14 and all versions of Solid Edge SE2021 before SE2021MP5 lack proper validation of user-supplied data when parsing DFT files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
]
}

51
2021/31xxx/CVE-2021-31343.json
View File

@ -1,35 +1,28 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-31343",
"STATE": "PUBLIC"
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2021-31343",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2020",
"product_name": "Siemens Solid Edge",
"version": {
"version_data": [
{
"version_value": "All Versions < 2020MP14"
}
]
}
},
{
"product_name": "Solid Edge SE2021",
"version": {
"version_data": [
"version_value": "Solid Edge SE2020 \u2013 All versions before 2020MP14"
},
{
"version_value": "All Versions < SE2021MP5"
"version_value": "Solid Edge SE2021 \u2013 All versions before SE2021MP5"
}
]
}
@ -46,26 +39,26 @@
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
"value": "OUT-OF-BOUNDS WRITE CWE-787"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Solid Edge SE2020 (All Versions < 2020MP14), Solid Edge SE2021 (All Versions < SE2021MP5). The jutil.dll library lacks proper validation of user-supplied data when parsing DFT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12994)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-208356.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-208356.pdf"
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-09",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-09"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The jutil.dll library in all versions of Solid Edge SE2020 before 2020MP14 and all versions of Solid Edge SE2021 before SE2021MP5 lack proper validation of user-supplied data when parsing DFT files. This could result in an out-of-bounds write past the end of an allocation structure. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
]
}

66
2021/34xxx/CVE-2021-34363.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-34363",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-34363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The thefuck (aka The Fuck) package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the \"undo archive operation\" feature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/nvbn/thefuck/releases/tag/3.31",
"url": "https://github.com/nvbn/thefuck/releases/tag/3.31"
},
{
"refsource": "MISC",
"name": "https://vuln.ryotak.me/advisories/48",
"url": "https://vuln.ryotak.me/advisories/48"
},
{
"refsource": "MISC",
"name": "https://github.com/nvbn/thefuck/commit/e343c577cd7da4d304b837d4a07ab4df1e023092",
"url": "https://github.com/nvbn/thefuck/commit/e343c577cd7da4d304b837d4a07ab4df1e023092"
}
]
}

62
2021/34xxx/CVE-2021-34539.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-34539",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/CubeCoders/AMP/issues/464",
"refsource": "MISC",
"name": "https://github.com/CubeCoders/AMP/issues/464"
}
]
}
}