From 896b75519b31a553de21d4d6572847019170ff05 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 14 Oct 2022 11:00:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/37xxx/CVE-2022-37602.json | 66 ++++++++++++++++++++++++++++++---- 2022/3xxx/CVE-2022-3502.json | 10 ++++-- 2022/3xxx/CVE-2022-3503.json | 12 ++++--- 2022/3xxx/CVE-2022-3504.json | 18 ++++++++++ 2022/3xxx/CVE-2022-3505.json | 18 ++++++++++ 5 files changed, 111 insertions(+), 13 deletions(-) create mode 100644 2022/3xxx/CVE-2022-3504.json create mode 100644 2022/3xxx/CVE-2022-3505.json diff --git a/2022/37xxx/CVE-2022-37602.json b/2022/37xxx/CVE-2022-37602.json index d64a7933f60..4d29ec23638 100644 --- a/2022/37xxx/CVE-2022-37602.json +++ b/2022/37xxx/CVE-2022-37602.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-37602", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-37602", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Prototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/karma-runner/grunt-karma/blob/45b925964f55870f375c6e670d9945b223c984f5/tasks/grunt-karma.js#L26", + "refsource": "MISC", + "name": "https://github.com/karma-runner/grunt-karma/blob/45b925964f55870f375c6e670d9945b223c984f5/tasks/grunt-karma.js#L26" + }, + { + "url": "https://github.com/karma-runner/grunt-karma/blob/45b925964f55870f375c6e670d9945b223c984f5/tasks/grunt-karma.js#L109", + "refsource": "MISC", + "name": "https://github.com/karma-runner/grunt-karma/blob/45b925964f55870f375c6e670d9945b223c984f5/tasks/grunt-karma.js#L109" + }, + { + "refsource": "MISC", + "name": "https://github.com/karma-runner/grunt-karma/issues/311", + "url": "https://github.com/karma-runner/grunt-karma/issues/311" } ] } diff --git a/2022/3xxx/CVE-2022-3502.json b/2022/3xxx/CVE-2022-3502.json index 2d60f69ce16..dd3b74baf95 100644 --- a/2022/3xxx/CVE-2022-3502.json +++ b/2022/3xxx/CVE-2022-3502.json @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "3.5", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/draco1725\/POC\/blob\/main\/Exploit\/Stored%20Xss" + "url": "https://github.com/draco1725/POC/blob/main/Exploit/Stored%20Xss", + "refsource": "MISC", + "name": "https://github.com/draco1725/POC/blob/main/Exploit/Stored%20Xss" }, { - "url": "https:\/\/vuldb.com\/?id.210831" + "url": "https://vuldb.com/?id.210831", + "refsource": "MISC", + "name": "https://vuldb.com/?id.210831" } ] } diff --git a/2022/3xxx/CVE-2022-3503.json b/2022/3xxx/CVE-2022-3503.json index daddbc01977..423e6a41b6f 100644 --- a/2022/3xxx/CVE-2022-3503.json +++ b/2022/3xxx/CVE-2022-3503.json @@ -49,7 +49,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Supplier Handler. The manipulation of the argument Supplier Name\/Address\/Contact person\/Contact leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210832." + "value": "A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Supplier Handler. The manipulation of the argument Supplier Name/Address/Contact person/Contact leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210832." } ] }, @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "3.5", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/DisguisedRoot\/Exploit\/blob\/main\/Persistent%20XSS\/PoC" + "url": "https://github.com/DisguisedRoot/Exploit/blob/main/Persistent%20XSS/PoC", + "refsource": "MISC", + "name": "https://github.com/DisguisedRoot/Exploit/blob/main/Persistent%20XSS/PoC" }, { - "url": "https:\/\/vuldb.com\/?id.210832" + "url": "https://vuldb.com/?id.210832", + "refsource": "MISC", + "name": "https://vuldb.com/?id.210832" } ] } diff --git a/2022/3xxx/CVE-2022-3504.json b/2022/3xxx/CVE-2022-3504.json new file mode 100644 index 00000000000..cbec31e0308 --- /dev/null +++ b/2022/3xxx/CVE-2022-3504.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3504", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/3xxx/CVE-2022-3505.json b/2022/3xxx/CVE-2022-3505.json new file mode 100644 index 00000000000..8239f98315f --- /dev/null +++ b/2022/3xxx/CVE-2022-3505.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3505", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file