From 8faf1b8b325730d8c8de19c23f1c39aaeb9bdf74 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 21 Jul 2021 15:01:44 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2012/0xxx/CVE-2012-0881.json | 24 ++--- 2014/0xxx/CVE-2014-0107.json | 144 +++++++++++++++--------------- 2015/0xxx/CVE-2015-0254.json | 24 ++--- 2016/0xxx/CVE-2016-0762.json | 14 +-- 2016/4xxx/CVE-2016-4429.json | 44 +++++----- 2016/7xxx/CVE-2016-7103.json | 4 +- 2017/14xxx/CVE-2017-14735.json | 4 +- 2017/16xxx/CVE-2017-16931.json | 18 ++-- 2017/3xxx/CVE-2017-3735.json | 128 +++++++++++++-------------- 2017/5xxx/CVE-2017-5461.json | 68 ++++++++------- 2017/5xxx/CVE-2017-5637.json | 4 +- 2017/7xxx/CVE-2017-7656.json | 4 +- 2017/7xxx/CVE-2017-7657.json | 4 +- 2017/7xxx/CVE-2017-7658.json | 4 +- 2017/9xxx/CVE-2017-9735.json | 4 +- 2018/0xxx/CVE-2018-0737.json | 144 +++++++++++++++--------------- 2018/0xxx/CVE-2018-0739.json | 154 +++++++++++++++++---------------- 2018/15xxx/CVE-2018-15686.json | 14 +-- 2018/15xxx/CVE-2018-15756.json | 4 +- 2018/21xxx/CVE-2018-21010.json | 14 +-- 2018/7xxx/CVE-2018-7160.json | 8 +- 2018/7xxx/CVE-2018-7183.json | 28 +++--- 2019/0xxx/CVE-2019-0190.json | 44 +++++----- 2019/0xxx/CVE-2019-0201.json | 4 +- 2019/0xxx/CVE-2019-0205.json | 14 +-- 2019/0xxx/CVE-2019-0210.json | 14 +-- 2021/2xxx/CVE-2021-2438.json | 143 +++++++++++++++--------------- 2021/2xxx/CVE-2021-2439.json | 135 +++++++++++++++-------------- 2021/2xxx/CVE-2021-2440.json | 127 ++++++++++++++------------- 2021/2xxx/CVE-2021-2441.json | 127 ++++++++++++++------------- 2021/2xxx/CVE-2021-2442.json | 127 ++++++++++++++------------- 2021/2xxx/CVE-2021-2443.json | 127 ++++++++++++++------------- 2021/2xxx/CVE-2021-2444.json | 127 ++++++++++++++------------- 2021/2xxx/CVE-2021-2445.json | 127 ++++++++++++++------------- 2021/2xxx/CVE-2021-2446.json | 127 ++++++++++++++------------- 2021/2xxx/CVE-2021-2447.json | 127 ++++++++++++++------------- 36 files changed, 1155 insertions(+), 1073 deletions(-) diff --git a/2012/0xxx/CVE-2012-0881.json b/2012/0xxx/CVE-2012-0881.json index 9135c67498a..be3e47b84f8 100644 --- a/2012/0xxx/CVE-2012-0881.json +++ b/2012/0xxx/CVE-2012-0881.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "name": "https://issues.apache.org/jira/browse/XERCESJ-1685", - "refsource": "CONFIRM", - "url": "https://issues.apache.org/jira/browse/XERCESJ-1685" - }, { "name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available", "refsource": "MLIST", @@ -67,11 +62,6 @@ "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/07/08/11" }, - { - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=787104", - "refsource": "CONFIRM", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=787104" - }, { "refsource": "MLIST", "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", @@ -98,7 +88,19 @@ "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "name": "https://issues.apache.org/jira/browse/XERCESJ-1685", + "refsource": "CONFIRM", + "url": "https://issues.apache.org/jira/browse/XERCESJ-1685" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=787104", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=787104" + }, + { + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2014/0xxx/CVE-2014-0107.json b/2014/0xxx/CVE-2014-0107.json index f9dd20a9cd6..7949682d0d7 100644 --- a/2014/0xxx/CVE-2014-0107.json +++ b/2014/0xxx/CVE-2014-0107.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "name": "https://issues.apache.org/jira/browse/XALANJ-2435", - "refsource": "CONFIRM", - "url": "https://issues.apache.org/jira/browse/XALANJ-2435" - }, { "name": "GLSA-201604-02", "refsource": "GENTOO", @@ -87,51 +82,11 @@ "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59247" }, - { - "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755", - "refsource": "CONFIRM", - "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755" - }, { "name": "59515", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59515" }, - { - "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676093", - "refsource": "CONFIRM", - "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676093" - }, - { - "name": "http://www.ibm.com/support/docview.wss?uid=swg21677967", - "refsource": "CONFIRM", - "url": "http://www.ibm.com/support/docview.wss?uid=swg21677967" - }, - { - "name": "https://www.tenable.com/security/tns-2018-15", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2018-15" - }, - { - "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677145", - "refsource": "CONFIRM", - "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677145" - }, - { - "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681933", - "refsource": "CONFIRM", - "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681933" - }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" - }, { "name": "DSA-2886", "refsource": "DEBIAN", @@ -147,26 +102,11 @@ "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59369" }, - { - "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21674334", - "refsource": "CONFIRM", - "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674334" - }, { "name": "59711", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59711" }, - { - "name": "http://www.ocert.org/advisories/ocert-2014-002.html", - "refsource": "MISC", - "url": "http://www.ocert.org/advisories/ocert-2014-002.html" - }, - { - "name": "http://svn.apache.org/viewvc?view=revision&revision=1581058", - "refsource": "CONFIRM", - "url": "http://svn.apache.org/viewvc?view=revision&revision=1581058" - }, { "name": "57563", "refsource": "SECUNIA", @@ -182,11 +122,6 @@ "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034711" }, - { - "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680703", - "refsource": "CONFIRM", - "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680703" - }, { "name": "1034716", "refsource": "SECTRACK", @@ -212,11 +147,6 @@ "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92023" }, - { - "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", - "refsource": "MISC", - "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" - }, { "refsource": "MLIST", "name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", @@ -228,7 +158,79 @@ "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", + "refsource": "MISC", + "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "name": "https://issues.apache.org/jira/browse/XALANJ-2435", + "refsource": "CONFIRM", + "url": "https://issues.apache.org/jira/browse/XALANJ-2435" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676093", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676093" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21677967", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21677967" + }, + { + "name": "https://www.tenable.com/security/tns-2018-15", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2018-15" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677145", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677145" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681933", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681933" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21674334", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674334" + }, + { + "name": "http://www.ocert.org/advisories/ocert-2014-002.html", + "refsource": "MISC", + "url": "http://www.ocert.org/advisories/ocert-2014-002.html" + }, + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1581058", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1581058" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680703", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680703" } ] } diff --git a/2015/0xxx/CVE-2015-0254.json b/2015/0xxx/CVE-2015-0254.json index d850ee7d85e..ee483962d77 100644 --- a/2015/0xxx/CVE-2015-0254.json +++ b/2015/0xxx/CVE-2015-0254.json @@ -57,11 +57,6 @@ "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2551-1" }, - { - "name": "http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html", - "refsource": "MISC", - "url": "http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html" - }, { "name": "RHSA-2016:1376", "refsource": "REDHAT", @@ -92,11 +87,6 @@ "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1695.html" }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" - }, { "name": "RHSA-2016:1839", "refsource": "REDHAT", @@ -147,6 +137,11 @@ "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" + }, { "refsource": "MLIST", "name": "[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-792) Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254", @@ -163,7 +158,14 @@ "url": "https://lists.apache.org/thread.html/r6c93d8ade3788dbc00f5a37238bc278e7d859f2446b885460783a16f@%3Cpluto-dev.portals.apache.org%3E" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "name": "http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html" } ] } diff --git a/2016/0xxx/CVE-2016-0762.json b/2016/0xxx/CVE-2016-0762.json index ceef1f3060c..0c8acd3d40d 100644 --- a/2016/0xxx/CVE-2016-0762.json +++ b/2016/0xxx/CVE-2016-0762.json @@ -65,11 +65,6 @@ }, "references": { "reference_data": [ - { - "name": "https://security.netapp.com/advisory/ntap-20180605-0001/", - "refsource": "CONFIRM", - "url": "https://security.netapp.com/advisory/ntap-20180605-0001/" - }, { "name": "1037144", "refsource": "SECTRACK", @@ -176,7 +171,14 @@ "url": "https://usn.ubuntu.com/4557-1/" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180605-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180605-0001/" } ] } diff --git a/2016/4xxx/CVE-2016-4429.json b/2016/4xxx/CVE-2016-4429.json index 074f67f63dd..3143af93314 100644 --- a/2016/4xxx/CVE-2016-4429.json +++ b/2016/4xxx/CVE-2016-4429.json @@ -67,21 +67,6 @@ "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3759-1/" }, - { - "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=20112", - "refsource": "CONFIRM", - "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20112" - }, - { - "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039", - "refsource": "CONFIRM", - "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" - }, - { - "name": "https://source.android.com/security/bulletin/2017-12-01", - "refsource": "CONFIRM", - "url": "https://source.android.com/security/bulletin/2017-12-01" - }, { "name": "openSUSE-SU-2016:1527", "refsource": "SUSE", @@ -92,18 +77,35 @@ "refsource": "BID", "url": "http://www.securityfocus.com/bid/102073" }, - { - "name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bc779a1a5b3035133024b21e2f339fe4219fb11c", - "refsource": "CONFIRM", - "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bc779a1a5b3035133024b21e2f339fe4219fb11c" - }, { "refsource": "MLIST", "name": "[debian-lts-announce] 20200628 [SECURITY] [DLA 2256-1] libtirpc security update", "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00027.html" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039" + }, + { + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=20112", + "refsource": "CONFIRM", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20112" + }, + { + "name": "https://source.android.com/security/bulletin/2017-12-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-12-01" + }, + { + "name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bc779a1a5b3035133024b21e2f339fe4219fb11c", + "refsource": "CONFIRM", + "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bc779a1a5b3035133024b21e2f339fe4219fb11c" } ] } diff --git a/2016/7xxx/CVE-2016-7103.json b/2016/7xxx/CVE-2016-7103.json index 07dc8c82f3f..6c41f0823c1 100644 --- a/2016/7xxx/CVE-2016-7103.json +++ b/2016/7xxx/CVE-2016-7103.json @@ -163,7 +163,9 @@ "url": "https://security.netapp.com/advisory/ntap-20190416-0007/" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2017/14xxx/CVE-2017-14735.json b/2017/14xxx/CVE-2017-14735.json index b0ff593039c..a9aa756959a 100644 --- a/2017/14xxx/CVE-2017-14735.json +++ b/2017/14xxx/CVE-2017-14735.json @@ -93,7 +93,9 @@ "url": "https://github.com/nahsra/antisamy/issues/10" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2017/16xxx/CVE-2017-16931.json b/2017/16xxx/CVE-2017-16931.json index 53be9e77d64..442cffb6ca1 100644 --- a/2017/16xxx/CVE-2017-16931.json +++ b/2017/16xxx/CVE-2017-16931.json @@ -52,16 +52,21 @@ }, "references": { "reference_data": [ - { - "name": "https://bugzilla.gnome.org/show_bug.cgi?id=766956", - "refsource": "CONFIRM", - "url": "https://bugzilla.gnome.org/show_bug.cgi?id=766956" - }, { "name": "[debian-lts-announce] 20171130 [SECURITY] [DLA 1194-1] libxml2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html" }, + { + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "name": "https://bugzilla.gnome.org/show_bug.cgi?id=766956", + "refsource": "CONFIRM", + "url": "https://bugzilla.gnome.org/show_bug.cgi?id=766956" + }, { "name": "http://xmlsoft.org/news.html", "refsource": "CONFIRM", @@ -71,9 +76,6 @@ "name": "https://github.com/GNOME/libxml2/commit/e26630548e7d138d2c560844c43820b6767251e3", "refsource": "CONFIRM", "url": "https://github.com/GNOME/libxml2/commit/e26630548e7d138d2c560844c43820b6767251e3" - }, - { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2017/3xxx/CVE-2017-3735.json b/2017/3xxx/CVE-2017-3735.json index b176a31ec4d..a99d6e6c11d 100644 --- a/2017/3xxx/CVE-2017-3735.json +++ b/2017/3xxx/CVE-2017-3735.json @@ -61,26 +61,6 @@ "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039726" }, - { - "name": "https://security.netapp.com/advisory/ntap-20171107-0002/", - "refsource": "CONFIRM", - "url": "https://security.netapp.com/advisory/ntap-20171107-0002/" - }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource": "CONFIRM", - "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, { "name": "USN-3611-2", "refsource": "UBUNTU", @@ -96,51 +76,16 @@ "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201712-03" }, - { - "name": "https://support.apple.com/HT208331", - "refsource": "CONFIRM", - "url": "https://support.apple.com/HT208331" - }, { "name": "[debian-lts-announce] 20171109 [SECURITY] [DLA-1157-1] openssl security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00011.html" }, - { - "name": "https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822", - "refsource": "MISC", - "url": "https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822" - }, { "name": "RHSA-2018:3505", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3505" }, - { - "name": "https://security.netapp.com/advisory/ntap-20170927-0001/", - "refsource": "CONFIRM", - "url": "https://security.netapp.com/advisory/ntap-20170927-0001/" - }, - { - "name": "https://www.tenable.com/security/tns-2017-15", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2017-15" - }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name": "https://www.openssl.org/news/secadv/20171102.txt", - "refsource": "CONFIRM", - "url": "https://www.openssl.org/news/secadv/20171102.txt" - }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" - }, { "name": "DSA-4017", "refsource": "DEBIAN", @@ -156,20 +101,35 @@ "refsource": "BID", "url": "http://www.securityfocus.com/bid/100515" }, - { - "name": "https://www.tenable.com/security/tns-2017-14", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2017-14" - }, { "name": "FreeBSD-SA-17:11", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc" }, { - "name": "https://www.openssl.org/news/secadv/20170828.txt", + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", - "url": "https://www.openssl.org/news/secadv/20170828.txt" + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" + }, + { + "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", @@ -182,7 +142,49 @@ "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20171107-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20171107-0002/" + }, + { + "name": "https://support.apple.com/HT208331", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208331" + }, + { + "name": "https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822", + "refsource": "MISC", + "url": "https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20170927-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20170927-0001/" + }, + { + "name": "https://www.tenable.com/security/tns-2017-15", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2017-15" + }, + { + "name": "https://www.openssl.org/news/secadv/20171102.txt", + "refsource": "CONFIRM", + "url": "https://www.openssl.org/news/secadv/20171102.txt" + }, + { + "name": "https://www.tenable.com/security/tns-2017-14", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2017-14" + }, + { + "name": "https://www.openssl.org/news/secadv/20170828.txt", + "refsource": "CONFIRM", + "url": "https://www.openssl.org/news/secadv/20170828.txt" } ] } diff --git a/2017/5xxx/CVE-2017-5461.json b/2017/5xxx/CVE-2017-5461.json index e56e7d725e6..67e38053233 100644 --- a/2017/5xxx/CVE-2017-5461.json +++ b/2017/5xxx/CVE-2017-5461.json @@ -79,21 +79,11 @@ }, "references": { "reference_data": [ - { - "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes", - "refsource": "CONFIRM", - "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes" - }, { "name": "GLSA-201705-04", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201705-04" }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, { "name": "98050", "refsource": "BID", @@ -109,11 +99,6 @@ "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3831" }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" - }, { "name": "RHSA-2017:1100", "refsource": "REDHAT", @@ -124,26 +109,51 @@ "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1102" }, - { - "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes", - "refsource": "CONFIRM", - "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes" - }, { "name": "RHSA-2017:1101", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1101" }, - { - "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes", - "refsource": "CONFIRM", - "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes" - }, { "name": "DSA-3872", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3872" }, + { + "name": "1038320", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038320" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" + }, + { + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes", + "refsource": "CONFIRM", + "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes" + }, + { + "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes", + "refsource": "CONFIRM", + "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes" + }, + { + "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes", + "refsource": "CONFIRM", + "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes" + }, { "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.28.4_release_notes", "refsource": "CONFIRM", @@ -154,11 +164,6 @@ "refsource": "CONFIRM", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5461" }, - { - "name": "1038320", - "refsource": "SECTRACK", - "url": "http://www.securitytracker.com/id/1038320" - }, { "name": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461", "refsource": "CONFIRM", @@ -178,9 +183,6 @@ "name": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/#CVE-2017-5461", "refsource": "CONFIRM", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/#CVE-2017-5461" - }, - { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2017/5xxx/CVE-2017-5637.json b/2017/5xxx/CVE-2017-5637.json index 83a6148d783..e50dad6bea8 100644 --- a/2017/5xxx/CVE-2017-5637.json +++ b/2017/5xxx/CVE-2017-5637.json @@ -112,7 +112,9 @@ "url": "https://issues.apache.org/jira/browse/ZOOKEEPER-2693" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2017/7xxx/CVE-2017-7656.json b/2017/7xxx/CVE-2017-7656.json index 855dfb33bb9..19175422fc3 100644 --- a/2017/7xxx/CVE-2017-7656.json +++ b/2017/7xxx/CVE-2017-7656.json @@ -125,7 +125,9 @@ "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2017/7xxx/CVE-2017-7657.json b/2017/7xxx/CVE-2017-7657.json index 02884df489a..17cab7ea7a2 100644 --- a/2017/7xxx/CVE-2017-7657.json +++ b/2017/7xxx/CVE-2017-7657.json @@ -145,7 +145,9 @@ "url": "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2017/7xxx/CVE-2017-7658.json b/2017/7xxx/CVE-2017-7658.json index 742ce32dad9..e3afaf09da3 100644 --- a/2017/7xxx/CVE-2017-7658.json +++ b/2017/7xxx/CVE-2017-7658.json @@ -150,7 +150,9 @@ "url": "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2017/9xxx/CVE-2017-9735.json b/2017/9xxx/CVE-2017-9735.json index 19a68fde1be..bd9eda17339 100644 --- a/2017/9xxx/CVE-2017-9735.json +++ b/2017/9xxx/CVE-2017-9735.json @@ -113,7 +113,9 @@ "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2018/0xxx/CVE-2018-0737.json b/2018/0xxx/CVE-2018-0737.json index 560623f307f..5b8d7939e9e 100644 --- a/2018/0xxx/CVE-2018-0737.json +++ b/2018/0xxx/CVE-2018-0737.json @@ -75,41 +75,11 @@ "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html" }, - { - "name": "https://www.tenable.com/security/tns-2018-14", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2018-14" - }, - { - "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133", - "refsource": "CONFIRM", - "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133" - }, - { - "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource": "CONFIRM", - "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f", - "refsource": "CONFIRM", - "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f" - }, - { - "name": "https://www.tenable.com/security/tns-2018-13", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2018-13" - }, { "name": "DSA-4355", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4355" }, - { - "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787", - "refsource": "CONFIRM", - "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787" - }, { "name": "USN-3628-2", "refsource": "UBUNTU", @@ -120,21 +90,6 @@ "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201811-21" }, - { - "name": "https://www.openssl.org/news/secadv/20180416.txt", - "refsource": "CONFIRM", - "url": "https://www.openssl.org/news/secadv/20180416.txt" - }, - { - "name": "https://www.tenable.com/security/tns-2018-17", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2018-17" - }, - { - "name": "https://www.tenable.com/security/tns-2018-12", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2018-12" - }, { "name": "USN-3692-2", "refsource": "UBUNTU", @@ -145,11 +100,6 @@ "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3505" }, - { - "name": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/", - "refsource": "CONFIRM", - "url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/" - }, { "name": "103766", "refsource": "BID", @@ -160,11 +110,6 @@ "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3692-1/" }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" - }, { "name": "RHSA-2018:3221", "refsource": "REDHAT", @@ -175,11 +120,6 @@ "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4348" }, - { - "name": "https://security.netapp.com/advisory/ntap-20180726-0003/", - "refsource": "CONFIRM", - "url": "https://security.netapp.com/advisory/ntap-20180726-0003/" - }, { "name": "1040685", "refsource": "SECTRACK", @@ -190,16 +130,6 @@ "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3628-1/" }, - { - "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", - "refsource": "MISC", - "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" - }, - { - "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", - "refsource": "MISC", - "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" - }, { "refsource": "FEDORA", "name": "FEDORA-2019-db06efdea1", @@ -236,7 +166,79 @@ "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" + }, + { + "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", + "refsource": "MISC", + "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" + }, + { + "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", + "refsource": "MISC", + "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "name": "https://www.tenable.com/security/tns-2018-14", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2018-14" + }, + { + "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133", + "refsource": "CONFIRM", + "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133" + }, + { + "name": "https://www.tenable.com/security/tns-2018-13", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2018-13" + }, + { + "name": "https://www.tenable.com/security/tns-2018-17", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2018-17" + }, + { + "name": "https://www.tenable.com/security/tns-2018-12", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2018-12" + }, + { + "name": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/", + "refsource": "CONFIRM", + "url": "https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/" + }, + { + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f", + "refsource": "CONFIRM", + "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f" + }, + { + "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787", + "refsource": "CONFIRM", + "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787" + }, + { + "name": "https://www.openssl.org/news/secadv/20180416.txt", + "refsource": "CONFIRM", + "url": "https://www.openssl.org/news/secadv/20180416.txt" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180726-0003/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180726-0003/" } ] } diff --git a/2018/0xxx/CVE-2018-0739.json b/2018/0xxx/CVE-2018-0739.json index 6a731a144b9..a826bfce7b1 100644 --- a/2018/0xxx/CVE-2018-0739.json +++ b/2018/0xxx/CVE-2018-0739.json @@ -70,36 +70,6 @@ }, "references": { "reference_data": [ - { - "name": "https://www.tenable.com/security/tns-2018-07", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2018-07" - }, - { - "name": "https://www.tenable.com/security/tns-2018-04", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2018-04" - }, - { - "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133", - "refsource": "CONFIRM", - "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133" - }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/", - "refsource": "CONFIRM", - "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/" - }, - { - "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource": "CONFIRM", - "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, { "name": "USN-3611-2", "refsource": "UBUNTU", @@ -125,41 +95,11 @@ "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4157" }, - { - "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33", - "refsource": "CONFIRM", - "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33" - }, { "name": "RHSA-2018:3505", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3505" }, - { - "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d", - "refsource": "CONFIRM", - "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d" - }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name": "https://www.tenable.com/security/tns-2018-06", - "refsource": "CONFIRM", - "url": "https://www.tenable.com/security/tns-2018-06" - }, - { - "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" - }, - { - "name": "https://security.netapp.com/advisory/ntap-20180330-0002/", - "refsource": "CONFIRM", - "url": "https://security.netapp.com/advisory/ntap-20180330-0002/" - }, { "name": "103518", "refsource": "BID", @@ -175,11 +115,6 @@ "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3221" }, - { - "name": "https://security.netapp.com/advisory/ntap-20180726-0002/", - "refsource": "CONFIRM", - "url": "https://security.netapp.com/advisory/ntap-20180726-0002/" - }, { "name": "105609", "refsource": "BID", @@ -195,11 +130,6 @@ "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00033.html" }, - { - "name": "https://www.openssl.org/news/secadv/20180327.txt", - "refsource": "CONFIRM", - "url": "https://www.openssl.org/news/secadv/20180327.txt" - }, { "name": "RHSA-2019:0366", "refsource": "REDHAT", @@ -210,11 +140,6 @@ "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3090" }, - { - "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", - "refsource": "MISC", - "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" - }, { "refsource": "REDHAT", "name": "RHSA-2019:1711", @@ -225,18 +150,95 @@ "name": "RHSA-2019:1712", "url": "https://access.redhat.com/errata/RHSA-2019:1712" }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" + }, + { + "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", + "refsource": "MISC", + "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" + }, { "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, + { + "name": "https://security.netapp.com/advisory/ntap-20180726-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180726-0002/" + }, { "refsource": "GENTOO", "name": "GLSA-202007-53", "url": "https://security.gentoo.org/glsa/202007-53" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133", + "refsource": "CONFIRM", + "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/133" + }, + { + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "name": "https://www.tenable.com/security/tns-2018-07", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2018-07" + }, + { + "name": "https://www.tenable.com/security/tns-2018-04", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2018-04" + }, + { + "name": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/", + "refsource": "CONFIRM", + "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/" + }, + { + "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33", + "refsource": "CONFIRM", + "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2ac4c6f7b2b2af20c0e2b0ba05367e454cd11b33" + }, + { + "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d", + "refsource": "CONFIRM", + "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9310d45087ae546e27e61ddf8f6367f29848220d" + }, + { + "name": "https://www.tenable.com/security/tns-2018-06", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2018-06" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180330-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180330-0002/" + }, + { + "name": "https://www.openssl.org/news/secadv/20180327.txt", + "refsource": "CONFIRM", + "url": "https://www.openssl.org/news/secadv/20180327.txt" } ] } diff --git a/2018/15xxx/CVE-2018-15686.json b/2018/15xxx/CVE-2018-15686.json index 8052494cece..a9972052358 100644 --- a/2018/15xxx/CVE-2018-15686.json +++ b/2018/15xxx/CVE-2018-15686.json @@ -87,11 +87,6 @@ "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html" }, - { - "name": "https://github.com/systemd/systemd/pull/10519", - "refsource": "MISC", - "url": "https://github.com/systemd/systemd/pull/10519" - }, { "name": "105747", "refsource": "BID", @@ -128,7 +123,14 @@ "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "name": "https://github.com/systemd/systemd/pull/10519", + "refsource": "MISC", + "url": "https://github.com/systemd/systemd/pull/10519" } ] }, diff --git a/2018/15xxx/CVE-2018-15756.json b/2018/15xxx/CVE-2018-15756.json index 43de35a3351..4b64acb8afc 100644 --- a/2018/15xxx/CVE-2018-15756.json +++ b/2018/15xxx/CVE-2018-15756.json @@ -178,7 +178,9 @@ "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] }, diff --git a/2018/21xxx/CVE-2018-21010.json b/2018/21xxx/CVE-2018-21010.json index a35567d8cf7..bb7661b07b3 100644 --- a/2018/21xxx/CVE-2018-21010.json +++ b/2018/21xxx/CVE-2018-21010.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://github.com/uclouvain/openjpeg/commit/2e5ab1d9987831c981ff05862e8ccf1381ed58ea", - "refsource": "MISC", - "name": "https://github.com/uclouvain/openjpeg/commit/2e5ab1d9987831c981ff05862e8ccf1381ed58ea" - }, { "refsource": "MLIST", "name": "[debian-lts-announce] 20191008 [SECURITY] [DLA 1950-1] openjpeg2 security update", @@ -68,7 +63,14 @@ "url": "https://security.gentoo.org/glsa/202101-29" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "url": "https://github.com/uclouvain/openjpeg/commit/2e5ab1d9987831c981ff05862e8ccf1381ed58ea", + "refsource": "MISC", + "name": "https://github.com/uclouvain/openjpeg/commit/2e5ab1d9987831c981ff05862e8ccf1381ed58ea" } ] } diff --git a/2018/7xxx/CVE-2018-7160.json b/2018/7xxx/CVE-2018-7160.json index e1f472471e3..06a96bae673 100644 --- a/2018/7xxx/CVE-2018-7160.json +++ b/2018/7xxx/CVE-2018-7160.json @@ -53,6 +53,11 @@ }, "references": { "reference_data": [ + { + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, { "name": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/", "refsource": "CONFIRM", @@ -62,9 +67,6 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K63025104?utm_source=f5support&utm_medium=RSS", "url": "https://support.f5.com/csp/article/K63025104?utm_source=f5support&utm_medium=RSS" - }, - { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2018/7xxx/CVE-2018-7183.json b/2018/7xxx/CVE-2018-7183.json index f8148c67622..9d2a6a49aad 100644 --- a/2018/7xxx/CVE-2018-7183.json +++ b/2018/7xxx/CVE-2018-7183.json @@ -67,6 +67,21 @@ "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3707-2/" }, + { + "name": "USN-3707-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3707-1/" + }, + { + "name": "103351", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103351" + }, + { + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, { "name": "https://security.netapp.com/advisory/ntap-20180626-0001/", "refsource": "CONFIRM", @@ -77,21 +92,11 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S" }, - { - "name": "USN-3707-1", - "refsource": "UBUNTU", - "url": "https://usn.ubuntu.com/3707-1/" - }, { "name": "https://www.synology.com/support/security/Synology_SA_18_13", "refsource": "CONFIRM", "url": "https://www.synology.com/support/security/Synology_SA_18_13" }, - { - "name": "103351", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/103351" - }, { "name": "http://support.ntp.org/bin/view/Main/NtpBug3414", "refsource": "CONFIRM", @@ -101,9 +106,6 @@ "refsource": "CONFIRM", "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" - }, - { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } diff --git a/2019/0xxx/CVE-2019-0190.json b/2019/0xxx/CVE-2019-0190.json index 6d2583da7df..52fc1eddc51 100644 --- a/2019/0xxx/CVE-2019-0190.json +++ b/2019/0xxx/CVE-2019-0190.json @@ -53,36 +53,16 @@ }, "references": { "reference_data": [ - { - "name": "https://httpd.apache.org/security/vulnerabilities_24.html", - "refsource": "CONFIRM", - "url": "https://httpd.apache.org/security/vulnerabilities_24.html" - }, { "name": "106743", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106743" }, - { - "name": "https://security.netapp.com/advisory/ntap-20190125-0001/", - "refsource": "CONFIRM", - "url": "https://security.netapp.com/advisory/ntap-20190125-0001/" - }, { "refsource": "GENTOO", "name": "GLSA-201903-21", "url": "https://security.gentoo.org/glsa/201903-21" }, - { - "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", - "refsource": "MISC", - "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" - }, - { - "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", - "refsource": "MISC", - "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" - }, { "refsource": "MLIST", "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", @@ -103,6 +83,21 @@ "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E" }, + { + "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", + "refsource": "MISC", + "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" + }, + { + "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", + "refsource": "MISC", + "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "name": "https://httpd.apache.org/security/vulnerabilities_24.html", + "refsource": "CONFIRM", + "url": "https://httpd.apache.org/security/vulnerabilities_24.html" + }, { "refsource": "MLIST", "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", @@ -149,7 +144,14 @@ "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20190125-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20190125-0001/" } ] } diff --git a/2019/0xxx/CVE-2019-0201.json b/2019/0xxx/CVE-2019-0201.json index 8b8917ffb94..c11dd050aa9 100644 --- a/2019/0xxx/CVE-2019-0201.json +++ b/2019/0xxx/CVE-2019-0201.json @@ -138,7 +138,9 @@ "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] }, diff --git a/2019/0xxx/CVE-2019-0205.json b/2019/0xxx/CVE-2019-0205.json index df9ddc4e700..8b85f2419a3 100644 --- a/2019/0xxx/CVE-2019-0205.json +++ b/2019/0xxx/CVE-2019-0205.json @@ -44,11 +44,6 @@ }, "references": { "reference_data": [ - { - "refsource": "MISC", - "name": "http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3CVI1PR0101MB2142E0EA19F582429C3AEBCBB1920%40VI1PR0101MB2142.eurprd01.prod.exchangelabs.com%3E", - "url": "http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3CVI1PR0101MB2142E0EA19F582429C3AEBCBB1920%40VI1PR0101MB2142.eurprd01.prod.exchangelabs.com%3E" - }, { "refsource": "MLIST", "name": "[thrift-dev] 20191106 [jira] [Updated] (THRIFT-4997) Nexus Scan Reporting Security issue CVE-2019-0205 for Thrift:", @@ -220,7 +215,14 @@ "url": "https://security.gentoo.org/glsa/202107-32" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "refsource": "MISC", + "name": "http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3CVI1PR0101MB2142E0EA19F582429C3AEBCBB1920%40VI1PR0101MB2142.eurprd01.prod.exchangelabs.com%3E", + "url": "http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3CVI1PR0101MB2142E0EA19F582429C3AEBCBB1920%40VI1PR0101MB2142.eurprd01.prod.exchangelabs.com%3E" } ] }, diff --git a/2019/0xxx/CVE-2019-0210.json b/2019/0xxx/CVE-2019-0210.json index 979785fc504..db25bcd7ffa 100644 --- a/2019/0xxx/CVE-2019-0210.json +++ b/2019/0xxx/CVE-2019-0210.json @@ -44,11 +44,6 @@ }, "references": { "reference_data": [ - { - "refsource": "CONFIRM", - "name": "http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3C277A46CA87494176B1BBCF5D72624A2A%40HAGGIS%3E", - "url": "http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3C277A46CA87494176B1BBCF5D72624A2A%40HAGGIS%3E" - }, { "refsource": "REDHAT", "name": "RHSA-2020:0806", @@ -95,7 +90,14 @@ "url": "https://security.gentoo.org/glsa/202107-32" }, { - "url": "https://www.oracle.com//security-alerts/cpujul2021.html" + "url": "https://www.oracle.com//security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com//security-alerts/cpujul2021.html" + }, + { + "refsource": "CONFIRM", + "name": "http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3C277A46CA87494176B1BBCF5D72624A2A%40HAGGIS%3E", + "url": "http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3C277A46CA87494176B1BBCF5D72624A2A%40HAGGIS%3E" } ] }, diff --git a/2021/2xxx/CVE-2021-2438.json b/2021/2xxx/CVE-2021-2438.json index 4a978c71a5b..b5c8324340c 100644 --- a/2021/2xxx/CVE-2021-2438.json +++ b/2021/2xxx/CVE-2021-2438.json @@ -1,75 +1,78 @@ - { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secalert_us@oracle.com", - "ID": "CVE-2021-2438" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Database - Enterprise Edition", - "version": { - "version_data": [ - { - "version_value": "12.1.0.2", - "version_affected": "=" - }, - { - "version_value": "12.2.0.1", - "version_affected": "=" - }, - { - "version_value": "19c", - "version_affected": "=" - } - ] - } +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2021-2438", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Database - Enterprise Edition", + "version": { + "version_data": [ + { + "version_value": "12.1.0.2", + "version_affected": "=" + }, + { + "version_value": "12.2.0.1", + "version_affected": "=" + }, + { + "version_value": "19c", + "version_affected": "=" + } + ] } - ] - }, - "vendor_name": "Oracle Corporation" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM. CVSS 3.1 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)." - } - ] - }, - "impact": { - "cvss": { - "baseScore": "4.3", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] + }, + "vendor_name": "Oracle Corporation" } ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM. CVSS 3.1 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.3", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] } +} \ No newline at end of file diff --git a/2021/2xxx/CVE-2021-2439.json b/2021/2xxx/CVE-2021-2439.json index fe9ee1ae8ec..ac19be256fa 100644 --- a/2021/2xxx/CVE-2021-2439.json +++ b/2021/2xxx/CVE-2021-2439.json @@ -1,71 +1,74 @@ - { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secalert_us@oracle.com", - "ID": "CVE-2021-2439" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Hyperion BI+", - "version": { - "version_data": [ - { - "version_value": "11.1.2.4", - "version_affected": "=" - }, - { - "version_value": "11.2.5.0", - "version_affected": "=" - } - ] - } +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2021-2439", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Hyperion BI+", + "version": { + "version_data": [ + { + "version_value": "11.1.2.4", + "version_affected": "=" + }, + { + "version_value": "11.2.5.0", + "version_affected": "=" + } + ] } - ] - }, - "vendor_name": "Oracle Corporation" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and Visualization). Supported versions that are affected are 11.1.2.4 and 11.2.5.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hyperion BI+. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hyperion BI+ accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)." - } - ] - }, - "impact": { - "cvss": { - "baseScore": "4.3", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hyperion BI+. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hyperion BI+ accessible data." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] + }, + "vendor_name": "Oracle Corporation" } ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and Visualization). Supported versions that are affected are 11.1.2.4 and 11.2.5.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hyperion BI+. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hyperion BI+ accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.3", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hyperion BI+. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hyperion BI+ accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] } +} \ No newline at end of file diff --git a/2021/2xxx/CVE-2021-2440.json b/2021/2xxx/CVE-2021-2440.json index 7abed89e3e8..feb8f2948f1 100644 --- a/2021/2xxx/CVE-2021-2440.json +++ b/2021/2xxx/CVE-2021-2440.json @@ -1,67 +1,70 @@ - { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secalert_us@oracle.com", - "ID": "CVE-2021-2440" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "MySQL Server", - "version": { - "version_data": [ - { - "version_value": "8.0.25 and prior", - "version_affected": "=" - } - ] - } +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2021-2440", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MySQL Server", + "version": { + "version_data": [ + { + "version_value": "8.0.25 and prior", + "version_affected": "=" + } + ] } - ] - }, - "vendor_name": "Oracle Corporation" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." - } - ] - }, - "impact": { - "cvss": { - "baseScore": "4.9", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] + }, + "vendor_name": "Oracle Corporation" } ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.9", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] } +} \ No newline at end of file diff --git a/2021/2xxx/CVE-2021-2441.json b/2021/2xxx/CVE-2021-2441.json index ade55ebc101..d76e3791f0a 100644 --- a/2021/2xxx/CVE-2021-2441.json +++ b/2021/2xxx/CVE-2021-2441.json @@ -1,67 +1,70 @@ - { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secalert_us@oracle.com", - "ID": "CVE-2021-2441" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "MySQL Server", - "version": { - "version_data": [ - { - "version_value": "8.0.25 and prior", - "version_affected": "=" - } - ] - } +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2021-2441", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MySQL Server", + "version": { + "version_data": [ + { + "version_value": "8.0.25 and prior", + "version_affected": "=" + } + ] } - ] - }, - "vendor_name": "Oracle Corporation" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." - } - ] - }, - "impact": { - "cvss": { - "baseScore": "4.9", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] + }, + "vendor_name": "Oracle Corporation" } ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.9", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] } +} \ No newline at end of file diff --git a/2021/2xxx/CVE-2021-2442.json b/2021/2xxx/CVE-2021-2442.json index 0a3a4df0ac2..af8d621e83f 100644 --- a/2021/2xxx/CVE-2021-2442.json +++ b/2021/2xxx/CVE-2021-2442.json @@ -1,67 +1,70 @@ - { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secalert_us@oracle.com", - "ID": "CVE-2021-2442" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "VM VirtualBox", - "version": { - "version_data": [ - { - "version_value": "6.1.24", - "version_affected": "<" - } - ] - } +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2021-2442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "VM VirtualBox", + "version": { + "version_data": [ + { + "version_value": "6.1.24", + "version_affected": "<" + } + ] } - ] - }, - "vendor_name": "Oracle Corporation" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H)." - } - ] - }, - "impact": { - "cvss": { - "baseScore": "6.0", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] + }, + "vendor_name": "Oracle Corporation" } ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H)." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "6.0", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] } +} \ No newline at end of file diff --git a/2021/2xxx/CVE-2021-2443.json b/2021/2xxx/CVE-2021-2443.json index 29aa180231d..4448620b9a7 100644 --- a/2021/2xxx/CVE-2021-2443.json +++ b/2021/2xxx/CVE-2021-2443.json @@ -1,67 +1,70 @@ - { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secalert_us@oracle.com", - "ID": "CVE-2021-2443" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "VM VirtualBox", - "version": { - "version_data": [ - { - "version_value": "6.1.24", - "version_affected": "<" - } - ] - } +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2021-2443", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "VM VirtualBox", + "version": { + "version_data": [ + { + "version_value": "6.1.24", + "version_affected": "<" + } + ] } - ] - }, - "vendor_name": "Oracle Corporation" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: This vulnerability applies to Solaris x86 and Linux systems only. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H)." - } - ] - }, - "impact": { - "cvss": { - "baseScore": "7.3", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] + }, + "vendor_name": "Oracle Corporation" } ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: This vulnerability applies to Solaris x86 and Linux systems only. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H)." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "7.3", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] } +} \ No newline at end of file diff --git a/2021/2xxx/CVE-2021-2444.json b/2021/2xxx/CVE-2021-2444.json index e3c3866f7b3..c47146745ac 100644 --- a/2021/2xxx/CVE-2021-2444.json +++ b/2021/2xxx/CVE-2021-2444.json @@ -1,67 +1,70 @@ - { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secalert_us@oracle.com", - "ID": "CVE-2021-2444" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "MySQL Server", - "version": { - "version_data": [ - { - "version_value": "8.0.23 and prior", - "version_affected": "=" - } - ] - } +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2021-2444", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MySQL Server", + "version": { + "version_data": [ + { + "version_value": "8.0.23 and prior", + "version_affected": "=" + } + ] } - ] - }, - "vendor_name": "Oracle Corporation" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." - } - ] - }, - "impact": { - "cvss": { - "baseScore": "4.9", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] + }, + "vendor_name": "Oracle Corporation" } ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "4.9", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] } +} \ No newline at end of file diff --git a/2021/2xxx/CVE-2021-2445.json b/2021/2xxx/CVE-2021-2445.json index 3f7fe4409c9..26fbe0db9b5 100644 --- a/2021/2xxx/CVE-2021-2445.json +++ b/2021/2xxx/CVE-2021-2445.json @@ -1,67 +1,70 @@ - { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secalert_us@oracle.com", - "ID": "CVE-2021-2445" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Hyperion Infrastructure Technology", - "version": { - "version_data": [ - { - "version_value": "11.2.5.0", - "version_affected": "=" - } - ] - } +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2021-2445", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Hyperion Infrastructure Technology", + "version": { + "version_data": [ + { + "version_value": "11.2.5.0", + "version_affected": "=" + } + ] } - ] - }, - "vendor_name": "Oracle Corporation" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). The supported version that is affected is 11.2.5.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Infrastructure Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Hyperion Infrastructure Technology accessible data as well as unauthorized access to critical data or complete access to all Hyperion Infrastructure Technology accessible data. CVSS 3.1 Base Score 5.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N)." - } - ] - }, - "impact": { - "cvss": { - "baseScore": "5.7", - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Infrastructure Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Hyperion Infrastructure Technology accessible data as well as unauthorized access to critical data or complete access to all Hyperion Infrastructure Technology accessible data." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] + }, + "vendor_name": "Oracle Corporation" } ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). The supported version that is affected is 11.2.5.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Infrastructure Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Hyperion Infrastructure Technology accessible data as well as unauthorized access to critical data or complete access to all Hyperion Infrastructure Technology accessible data. CVSS 3.1 Base Score 5.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N)." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "5.7", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Infrastructure Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Hyperion Infrastructure Technology accessible data as well as unauthorized access to critical data or complete access to all Hyperion Infrastructure Technology accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] } +} \ No newline at end of file diff --git a/2021/2xxx/CVE-2021-2446.json b/2021/2xxx/CVE-2021-2446.json index 25b4274cb0f..901f61d3e2f 100644 --- a/2021/2xxx/CVE-2021-2446.json +++ b/2021/2xxx/CVE-2021-2446.json @@ -1,67 +1,70 @@ - { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secalert_us@oracle.com", - "ID": "CVE-2021-2446" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Secure Global Desktop", - "version": { - "version_data": [ - { - "version_value": "5.6", - "version_affected": "=" - } - ] - } +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2021-2446", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Secure Global Desktop", + "version": { + "version_data": [ + { + "version_value": "5.6", + "version_affected": "=" + } + ] } - ] - }, - "vendor_name": "Oracle Corporation" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Client). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Secure Global Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop. CVSS 3.1 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)." - } - ] - }, - "impact": { - "cvss": { - "baseScore": "9.6", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Secure Global Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] + }, + "vendor_name": "Oracle Corporation" } ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Client). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Secure Global Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop. CVSS 3.1 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "9.6", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Secure Global Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] } +} \ No newline at end of file diff --git a/2021/2xxx/CVE-2021-2447.json b/2021/2xxx/CVE-2021-2447.json index ae3eae44593..f4ba27374f6 100644 --- a/2021/2xxx/CVE-2021-2447.json +++ b/2021/2xxx/CVE-2021-2447.json @@ -1,67 +1,70 @@ - { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secalert_us@oracle.com", - "ID": "CVE-2021-2447" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Secure Global Desktop", - "version": { - "version_data": [ - { - "version_value": "5.6", - "version_affected": "=" - } - ] - } +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2021-2447", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Secure Global Desktop", + "version": { + "version_data": [ + { + "version_value": "5.6", + "version_affected": "=" + } + ] } - ] - }, - "vendor_name": "Oracle Corporation" - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that is affected is 5.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. While the vulnerability is in Oracle Secure Global Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)." - } - ] - }, - "impact": { - "cvss": { - "baseScore": "9.9", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. While the vulnerability is in Oracle Secure Global Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] + }, + "vendor_name": "Oracle Corporation" } ] } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that is affected is 5.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. While the vulnerability is in Oracle Secure Global Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)." + } + ] + }, + "impact": { + "cvss": { + "baseScore": "9.9", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. While the vulnerability is in Oracle Secure Global Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpujul2021.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpujul2021.html" + } + ] } +} \ No newline at end of file