admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-02-03 16:00:43 +00:00
parent 418a9b8cbb
commit 81240e4bec
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
34 changed files with 1791 additions and 204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
2020/25xxx/CVE-2020-25208.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-25208",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-25208",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2020/27xxx/CVE-2020-27994.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-27994",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-27994",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.themissinglink.com.au/security-advisories-cve-2020-27994",
"refsource": "MISC",
"name": "https://www.themissinglink.com.au/security-advisories-cve-2020-27994"
},
{
"refsource": "CONFIRM",
"name": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm",
"url": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm"
} }
] ]
} }

61
2020/28xxx/CVE-2020-28001.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-28001",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-28001",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.themissinglink.com.au/security-advisories-cve-2020-28001",
"refsource": "MISC",
"name": "https://www.themissinglink.com.au/security-advisories-cve-2020-28001"
},
{
"refsource": "CONFIRM",
"name": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm",
"url": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm"
} }
] ]
} }

61
2020/28xxx/CVE-2020-28653.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-28653",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-28653",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution via the Smart Update Manager (SUM) servlet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125233",
"url": "https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125233"
},
{
"refsource": "CONFIRM",
"name": "https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125203",
"url": "https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125203"
} }
] ]
} }

90
2020/28xxx/CVE-2020-28895.json
View File

@ -1,18 +1,96 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-28895",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-28895",
"STATE": "PUBLIC",
"TITLE": "integer overflow in calloc"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Reported by Omri Ben Bassat <v-obenbassat@microsoft.com>"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
} }
] ]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=defects&on=view&id=V7LIBC-1327",
"name": "https://support2.windriver.com/index.php?page=defects&on=view&id=V7LIBC-1327"
},
{
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895",
"name": "https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895"
}
]
},
"source": {
"discovery": "EXTERNAL"
} }
} }

61
2020/29xxx/CVE-2020-29582.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-29582",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-29582",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

12
2020/2xxx/CVE-2020-2506.json
View File

@ -10,6 +10,7 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "QNAP Systems Inc.",
"product": { "product": {
"product_data": [ "product_data": [
{ {
@ -17,15 +18,13 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_value": "< 3.0.3"
"version_value": "3.0.3"
} }
] ]
} }
} }
] ]
}, }
"vendor_name": "QNAP Systems Inc."
} }
] ]
} }
@ -33,7 +32,7 @@
"credit": [ "credit": [
{ {
"lang": "eng", "lang": "eng",
"value": "Jose Antonio Pérez Piedra" "value": "Jose Antonio P\u00e9rez Piedra"
} }
], ],
"data_format": "MITRE", "data_format": "MITRE",
@ -43,7 +42,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to obtain control of a QNAP device.\nThis issue affects:\nQNAP Systems Inc. Helpdesk\nversions prior to 3.0.3." "value": "The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to obtain control of a QNAP device. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3."
} }
] ]
}, },
@ -90,6 +89,7 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-08",
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-08" "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-08"
} }
] ]

12
2020/2xxx/CVE-2020-2507.json
View File

@ -10,6 +10,7 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "QNAP Systems Inc.",
"product": { "product": {
"product_data": [ "product_data": [
{ {
@ -17,15 +18,13 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<", "version_value": "< 3.0.3"
"version_value": "3.0.3"
} }
] ]
} }
} }
] ]
}, }
"vendor_name": "QNAP Systems Inc."
} }
] ]
} }
@ -33,7 +32,7 @@
"credit": [ "credit": [
{ {
"lang": "eng", "lang": "eng",
"value": "Jose Antonio Pérez Piedra" "value": "Jose Antonio P\u00e9rez Piedra"
} }
], ],
"data_format": "MITRE", "data_format": "MITRE",
@ -43,7 +42,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to obtain control of a QNAP device.\nThis issue affects:\nQNAP Systems Inc. Helpdesk\nversions prior to 3.0.3." "value": "The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to obtain control of a QNAP device. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3."
} }
] ]
}, },
@ -82,6 +81,7 @@
"reference_data": [ "reference_data": [
{ {
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-08",
"url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-08" "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-08"
} }
] ]

56
2020/35xxx/CVE-2020-35481.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-35481",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-35481",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm",
"url": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm"
} }
] ]
} }

56
2020/35xxx/CVE-2020-35482.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-35482",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-35482",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "SolarWinds Serv-U before 15.2.2 allows authenticated reflected XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm",
"url": "https://documentation.solarwinds.com/en/success_center/servu/Content/Release_Notes/Servu_15-2-2_release_notes.htm"
} }
] ]
} }

61
2020/35xxx/CVE-2020-35667.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-35667",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-35667",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25755.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25755",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25755",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains Code With Me before 2020.3, an attacker on the local network, knowing a session ID, could get access to the encrypted traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25756.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25756",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25756",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25757.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25757",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25757",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains Hub before 2020.1.12629, an open redirect was possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25758.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25758",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25758",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25759.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25759",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25759",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25760.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25760",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25760",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25761.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25761",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25761",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25762.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25762",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25762",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25763.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25763",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25763",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25765.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25765",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25765",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25766.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25766",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25766",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25767.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25767",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25767",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25768.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25768",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25768",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25769.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25769",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25769",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25770.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25770",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25770",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25771.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25771",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25771",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25772.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25772",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25772",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25773.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25773",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25773",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25774.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25774",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25774",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25775.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25775",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25775",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25776.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25776",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25776",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25777.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25777",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25777",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }

61
2021/25xxx/CVE-2021-25778.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-25778",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2021-25778",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.jetbrains.com",
"refsource": "MISC",
"name": "https://blog.jetbrains.com"
},
{
"refsource": "MISC",
"name": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/",
"url": "https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020/"
} }
] ]
} }