"-Synchronized-Data."

2025-06-19 17:32:41 +00:00 · 2020-06-22 14:01:23 +00:00 · 2020-06-22 14:01:23 +00:00 · 87d58a191f
commit 87d58a191f
parent a892367167
6 changed files with 44 additions and 10 deletions
--- a/2020/13xxx/CVE-2020-13379.json
+++ b/2020/13xxx/CVE-2020-13379.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on."
+                "value": "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault."
            }
        ]
    },
--- a/2020/14xxx/CVE-2020-14970.json
+++ b/2020/14xxx/CVE-2020-14970.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2020-14970",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2020/14xxx/CVE-2020-14971.json
+++ b/2020/14xxx/CVE-2020-14971.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2020-14971",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2020/8xxx/CVE-2020-8903.json
+++ b/2020/8xxx/CVE-2020-8903.json
@ -1,6 +1,6 @@
 {
    "CVE_data_meta": {
-        "ASSIGNER": "cve-coordination@google.com",
+        "ASSIGNER": "security@google.com",
        "ID": "CVE-2020-8903",
        "STATE": "PUBLIC",
        "TITLE": "Priviged Escalation in Google Cloud Platform's Guest-OSLogin"
--- a/2020/8xxx/CVE-2020-8907.json
+++ b/2020/8xxx/CVE-2020-8907.json
@ -1,6 +1,6 @@
 {
    "CVE_data_meta": {
-        "ASSIGNER": "cve-coordination@google.com",
+        "ASSIGNER": "security@google.com",
        "ID": "CVE-2020-8907",
        "STATE": "PUBLIC",
        "TITLE": "Priviged Escalation in Google Cloud Platform's Guest-OSLogin"
@ -101,4 +101,3 @@
        "discovery": "EXTERNAL"
    }
 }
-
--- a/2020/8xxx/CVE-2020-8933.json
+++ b/2020/8xxx/CVE-2020-8933.json
@ -1,6 +1,6 @@
 {
    "CVE_data_meta": {
-        "ASSIGNER": "cve-coordination@google.com",
+        "ASSIGNER": "security@google.com",
        "ID": "CVE-2020-8933",
        "STATE": "PUBLIC",
        "TITLE": "Priviged Escalation in Google Cloud Platform's Guest-OSLogin"
@ -101,4 +101,3 @@
        "discovery": "EXTERNAL"
    }
 }
-