"-Synchronized-Data."

2025-05-07 11:06:39 +00:00 · 2022-07-06 10:00:45 +00:00 · 2022-07-06 10:00:45 +00:00 · 87aeef9f79
commit 87aeef9f79
parent 8f28661591
4 changed files with 263 additions and 261 deletions
--- a/2021/23xxx/CVE-2021-23163.json
+++ b/2021/23xxx/CVE-2021-23163.json
@ -55,7 +55,7 @@
        "description_data": [
            {
                "lang": "eng",
-        "value": "JFrog Artifactory prior to version 7.33.6 and 6.23.38, is vulnerable to CSRF ( Cross-Site Request Forgery) for specific endpoints. \n\n\nThis issue affects:\nJFrog JFrog Artifactory\nJFrog Artifactory versions before 7.33.6 versions prior to 7.x;\nJFrog Artifactory versions before 6.23.38 versions prior to 6.x."
+                "value": "JFrog Artifactory prior to version 7.33.6 and 6.23.38, is vulnerable to CSRF ( Cross-Site Request Forgery) for specific endpoints. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.33.6 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x."
            }
        ]
    },
--- a/2021/45xxx/CVE-2021-45721.json
+++ b/2021/45xxx/CVE-2021-45721.json
@ -55,7 +55,7 @@
        "description_data": [
            {
                "lang": "eng",
-        "value": "JFrog Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to Reflected Cross-Site Scripting (XSS) through one of the XHR parameters in Users REST API endpoint.\n\nThis issue affects:\nJFrog JFrog Artifactory\nJFrog Artifactory versions before 7.36.1 versions prior to 7.29.8;\nJFrog Artifactory versions before 6.23.41 versions prior to 6.23.38."
+                "value": "JFrog Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to Reflected Cross-Site Scripting (XSS) through one of the XHR parameters in Users REST API endpoint. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.36.1 versions prior to 7.29.8; JFrog Artifactory versions before 6.23.41 versions prior to 6.23.38."
            }
        ]
    },
--- a/2021/46xxx/CVE-2021-46687.json
+++ b/2021/46xxx/CVE-2021-46687.json
@ -55,7 +55,7 @@
        "description_data": [
            {
                "lang": "eng",
-        "value": "JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API.\n\nThis issue affects:\nJFrog JFrog Artifactory\nJFrog Artifactory versions before 7.31.10 versions prior to 7.x;\nJFrog Artifactory versions before 6.23.38 versions prior to 6.x."
+                "value": "JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.31.10 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x."
            }
        ]
    },
--- a/2022/32xxx/CVE-2022-32533.json
+++ b/2022/32xxx/CVE-2022-32533.json
@ -43,7 +43,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "** UNSUPPORTED WHEN ASSIGNED ** Apache Jetspeed-2 does not sufficiently filter untrusted user input by default leading to a number of issues including XSS, CSRF, XXE, and SSRF.  Setting the configuration option \"xss.filter.post = true\" may mitigate these issues.\n\nNOTE: Apache Jetspeed is a dormant project of Apache Portals and no updates will be provided for this issue.  "
+                "value": "** UNSUPPORTED WHEN ASSIGNED ** Apache Jetspeed-2 does not sufficiently filter untrusted user input by default leading to a number of issues including XSS, CSRF, XXE, and SSRF. Setting the configuration option \"xss.filter.post = true\" may mitigate these issues. NOTE: Apache Jetspeed is a dormant project of Apache Portals and no updates will be provided for this issue."
            }
        ]
    },
@ -70,12 +70,14 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://lists.apache.org/thread/d3g248pr03x8rvmh8p2t3xdlw0wn5dz2"
+                "refsource": "MISC",
+                "url": "https://lists.apache.org/thread/d3g248pr03x8rvmh8p2t3xdlw0wn5dz2",
+                "name": "https://lists.apache.org/thread/d3g248pr03x8rvmh8p2t3xdlw0wn5dz2"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://www.openwall.com/lists/oss-security/2022/07/06/1"
+                "refsource": "MISC",
+                "url": "https://www.openwall.com/lists/oss-security/2022/07/06/1",
+                "name": "https://www.openwall.com/lists/oss-security/2022/07/06/1"
            }
        ]
    },