admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-11-22 23:00:33 +00:00
parent 682c3eeaad
commit 7d48753264
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
3 changed files with 60 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
2021/38xxx/CVE-2021-38578.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-38578",
"ASSIGNER": "infosec@edk2.groups.io",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A case of CWE-124 is occurring in PiSmmCore.",
"cweId": "CWE-124"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,8 +40,8 @@
"version": {
"version_data": [
{
"version_affected": "=<",
"version_value": "edk-stable202202"
"version_value": "edk2-stable201808",
"version_affected": "="
}
]
}
@ -31,32 +52,49 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A case of CWE-124 is occurring in PiSmmCore."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://bugzilla.tianocore.org/show_bug.cgi?id=3387",
"refsource": "MISC",
"name": "https://bugzilla.tianocore.org/show_bug.cgi?id=3387"
}
]
},
"description": {
"description_data": [
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/tianocore/edk2/commit/cab1f02565d3b29081dd21afb074f35fdb4e1fd6\">https://github.com/tianocore/edk2/commit/cab1f02565d3b29081dd21afb074f35fdb4e1fd6</a><br>"
}
],
"value": " https://github.com/tianocore/edk2/commit/cab1f02565d3b29081dd21afb074f35fdb4e1fd6 https://github.com/tianocore/edk2/commit/cab1f02565d3b29081dd21afb074f35fdb4e1fd6 \n"
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize."
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

2
2022/43xxx/CVE-2022-43284.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njs_scope_valid_value at njs_scope.h."
"value": "** DISPUTED ** Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input."
}
]
},

2
2022/43xxx/CVE-2022-43285.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job."
"value": "** DISPUTED ** Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input."
}
]
},