Added CVE-2020-1763

2025-06-12 02:05:39 +00:00 · 2020-05-12 12:48:21 +05:30 · 2020-05-12 12:48:21 +05:30 · 8604954f04
commit 8604954f04
parent fbf83d8856
1 changed files with 71 additions and 3 deletions
--- a/2020/1xxx/CVE-2020-1763.json
+++ b/2020/1xxx/CVE-2020-1763.json
@ -4,15 +4,83 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2020-1763",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "msiddiqu@redhat.com"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "the libreswan Project",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "libreswan",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "from versions 3.27 till 3.31"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-125"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt",
+                "name": "https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt",
+                "refsource": "CONFIRM"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1763",
+                "refsource": "CONFIRM"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1813329",
+                "refsource": "MISC"
+            },
+            {
+                "url": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8",
+                "name": "https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8",
+                "refsource": "CONFIRM"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash."
            }
        ]
+    },
+    "impact": {
+        "cvss": [
+            [
+                {
+                    "vectorString": "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+                    "version": "3.0"
+                }
+            ]
+        ]
    }
 }