admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-16 22:00:51 +00:00
parent 6f536116e1
commit 8b7d902048
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
8 changed files with 168 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/17xxx/CVE-2019-17003.json
View File

@ -61,8 +61,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2019-17003"
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2019-17003",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2019-17003"
}
]
},

10
2020/12xxx/CVE-2020-12413.json
View File

@ -69,12 +69,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://raccoon-attack.com/"
"refsource": "MISC",
"url": "https://raccoon-attack.com/",
"name": "https://raccoon-attack.com/"
},
{
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2020-12413"
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2020-12413",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2020-12413"
}
]
},

12
2020/6xxx/CVE-2020-6817.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS).\n\nCalls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']})."
"value": "bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']})."
}
]
},
@ -57,12 +57,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm"
"refsource": "MISC",
"url": "https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm",
"name": "https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm"
},
{
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1623633"
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1623633",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1623633"
}
]
},

12
2021/23xxx/CVE-2021-23980.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "A mutation XSS affects users calling bleach.clean with all of:\n\n svg or math in the allowed tags\n p or br in allowed tags\n style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags\n the keyword argument strip_comments=False\n\nNote: none of the above tags are in the default allowed tags and strip_comments defaults to True."
"value": "A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True."
}
]
},
@ -57,12 +57,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://github.com/mozilla/bleach/security/advisories/GHSA-vv2x-vrpj-qqpq"
"refsource": "MISC",
"url": "https://github.com/mozilla/bleach/security/advisories/GHSA-vv2x-vrpj-qqpq",
"name": "https://github.com/mozilla/bleach/security/advisories/GHSA-vv2x-vrpj-qqpq"
},
{
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2021-23980"
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2021-23980",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2021-23980"
}
]
},

7
2021/43xxx/CVE-2021-43529.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "Thunderbird versions prior to 91.3.0 are vulnerable to the heap\noverflow described in CVE-2021-43527 when processing S/MIME messages.\nThunderbird versions 91.3.0 and later will not call the vulnerable code \nwhen processing S/MIME messages that contain certificates with\nDER-encoded DSA or RSA-PSS signatures."
"value": "Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures."
}
]
},
@ -57,8 +57,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2021-43529"
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2021-43529",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2021-43529"
}
]
},

12
2022/0xxx/CVE-2022-0637.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "There was an open redirection vulnerability pollbot, which was used in https://pollbot.services.mozilla.com/ and https://pollbot.stage.mozaws.net/\n\nAn attacker could have redirected anyone to malicious sites."
"value": "There was an open redirection vulnerability pollbot, which was used in https://pollbot.services.mozilla.com/ and https://pollbot.stage.mozaws.net/ An attacker could have redirected anyone to malicious sites."
}
]
},
@ -57,12 +57,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://github.com/mozilla/PollBot/security/advisories/GHSA-vg27-hr3v-3cqv"
"refsource": "MISC",
"url": "https://github.com/mozilla/PollBot/security/advisories/GHSA-vg27-hr3v-3cqv",
"name": "https://github.com/mozilla/PollBot/security/advisories/GHSA-vg27-hr3v-3cqv"
},
{
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2022-0637"
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2022-0637",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2022-0637"
}
]
},

56
2022/44xxx/CVE-2022-44299.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-44299",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-44299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SiteServerCMS 7.1.3 sscms has a file read vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/siteserver/cms/issues/3491",
"refsource": "MISC",
"name": "https://github.com/siteserver/cms/issues/3491"
}
]
}

88
2023/0xxx/CVE-2023-0821.json
View File

@ -1,17 +1,97 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0821",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@hashicorp.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Fixed in 1.2.16, 1.3.9, and 1.4.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-409 Improper Handling of Highly Compressed Data (Data Amplification)",
"cweId": "CWE-409"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HashiCorp",
"product": {
"product_data": [
{
"product_name": "Nomad",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "1.2.15"
}
]
}
},
{
"product_name": "Nomad Enterprise",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "1.2.15"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-05-nomad-client-vulnerable-to-decompression-bombs-in-artifact-block/50292",
"refsource": "MISC",
"name": "https://discuss.hashicorp.com/t/hcsec-2023-05-nomad-client-vulnerable-to-decompression-bombs-in-artifact-block/50292"
}
]
},
"source": {
"discovery": "INTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseSeverity": "MEDIUM",
"baseScore": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
}
]
}