From 905fc1cf965f471c106f4e64cc2ad1043abc3141 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 24 Nov 2020 22:01:49 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/13xxx/CVE-2020-13942.json | 5 +++++ 2020/26xxx/CVE-2020-26232.json | 2 +- 2020/26xxx/CVE-2020-26235.json | 2 +- 2020/26xxx/CVE-2020-26570.json | 5 +++++ 2020/26xxx/CVE-2020-26571.json | 5 +++++ 2020/26xxx/CVE-2020-26572.json | 5 +++++ 2020/29xxx/CVE-2020-29064.json | 18 ++++++++++++++++++ 2020/29xxx/CVE-2020-29065.json | 18 ++++++++++++++++++ 2020/29xxx/CVE-2020-29066.json | 18 ++++++++++++++++++ 2020/29xxx/CVE-2020-29067.json | 18 ++++++++++++++++++ 2020/29xxx/CVE-2020-29068.json | 18 ++++++++++++++++++ 11 files changed, 112 insertions(+), 2 deletions(-) create mode 100644 2020/29xxx/CVE-2020-29064.json create mode 100644 2020/29xxx/CVE-2020-29065.json create mode 100644 2020/29xxx/CVE-2020-29066.json create mode 100644 2020/29xxx/CVE-2020-29067.json create mode 100644 2020/29xxx/CVE-2020-29068.json diff --git a/2020/13xxx/CVE-2020-13942.json b/2020/13xxx/CVE-2020-13942.json index af6d3c5be9f..c154b679bc2 100644 --- a/2020/13xxx/CVE-2020-13942.json +++ b/2020/13xxx/CVE-2020-13942.json @@ -82,6 +82,11 @@ "refsource": "MLIST", "name": "[unomi-dev] 20201124 Apache Unomi 1.5.4 Release", "url": "https://lists.apache.org/thread.html/r4a8fa91836687eaca42b5420a778ca8c8fd3a3740e4cf4401acc9118@%3Cdev.unomi.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20201124 CVE-2020-13942: Remote Code Execution in Apache Unomi", + "url": "http://www.openwall.com/lists/oss-security/2020/11/24/5" } ] }, diff --git a/2020/26xxx/CVE-2020-26232.json b/2020/26xxx/CVE-2020-26232.json index 2c9a36f6bb4..0932033d47a 100644 --- a/2020/26xxx/CVE-2020-26232.json +++ b/2020/26xxx/CVE-2020-26232.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Jupyter Server before version 1.0.6 has an Open redirect vulnerability. A maliciously crafted link to a jupyter server could redirect the browser to a different website.\n\nAll jupyter servers are technically affected, however, these maliciously crafted links can only be reasonably made for known jupyter server hosts. A link to your jupyter server may appear safe, but ultimately redirect to a spoofed server on the public internet." + "value": "Jupyter Server before version 1.0.6 has an Open redirect vulnerability. A maliciously crafted link to a jupyter server could redirect the browser to a different website. All jupyter servers are technically affected, however, these maliciously crafted links can only be reasonably made for known jupyter server hosts. A link to your jupyter server may appear safe, but ultimately redirect to a spoofed server on the public internet." } ] }, diff --git a/2020/26xxx/CVE-2020-26235.json b/2020/26xxx/CVE-2020-26235.json index 656525e1d3e..bade5235061 100644 --- a/2020/26xxx/CVE-2020-26235.json +++ b/2020/26xxx/CVE-2020-26235.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions.\n\nThe affected functions are time::UtcOffset::local_offset_at, time::UtcOffset::try_local_offset_at, time::UtcOffset::current_local_offset, time::UtcOffset::try_current_local_offset, time::OffsetDateTime::now_local and time::OffsetDateTime::try_now_local.\n\nNon-Unix targets are unaffected. This includes Windows and wasm.\n\nThe issue was introduced in version 0.2.7 and fixed in version 0.2.23." + "value": "In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected functions are time::UtcOffset::local_offset_at, time::UtcOffset::try_local_offset_at, time::UtcOffset::current_local_offset, time::UtcOffset::try_current_local_offset, time::OffsetDateTime::now_local and time::OffsetDateTime::try_now_local. Non-Unix targets are unaffected. This includes Windows and wasm. The issue was introduced in version 0.2.7 and fixed in version 0.2.23." } ] }, diff --git a/2020/26xxx/CVE-2020-26570.json b/2020/26xxx/CVE-2020-26570.json index 8cc78f93828..6b704aae37b 100644 --- a/2020/26xxx/CVE-2020-26570.json +++ b/2020/26xxx/CVE-2020-26570.json @@ -61,6 +61,11 @@ "url": "https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e", "refsource": "MISC", "name": "https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20201124 OpenSC 0.21.0 released", + "url": "http://www.openwall.com/lists/oss-security/2020/11/24/4" } ] } diff --git a/2020/26xxx/CVE-2020-26571.json b/2020/26xxx/CVE-2020-26571.json index 095d9818eab..dacb0f3ed8d 100644 --- a/2020/26xxx/CVE-2020-26571.json +++ b/2020/26xxx/CVE-2020-26571.json @@ -56,6 +56,11 @@ "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20612", "refsource": "MISC", "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20612" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20201124 OpenSC 0.21.0 released", + "url": "http://www.openwall.com/lists/oss-security/2020/11/24/4" } ] } diff --git a/2020/26xxx/CVE-2020-26572.json b/2020/26xxx/CVE-2020-26572.json index 7142650a396..072a485cb59 100644 --- a/2020/26xxx/CVE-2020-26572.json +++ b/2020/26xxx/CVE-2020-26572.json @@ -61,6 +61,11 @@ "url": "https://github.com/OpenSC/OpenSC/commit/9d294de90d1cc66956389856e60b6944b27b4817", "refsource": "MISC", "name": "https://github.com/OpenSC/OpenSC/commit/9d294de90d1cc66956389856e60b6944b27b4817" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20201124 OpenSC 0.21.0 released", + "url": "http://www.openwall.com/lists/oss-security/2020/11/24/4" } ] } diff --git a/2020/29xxx/CVE-2020-29064.json b/2020/29xxx/CVE-2020-29064.json new file mode 100644 index 00000000000..d9645937b54 --- /dev/null +++ b/2020/29xxx/CVE-2020-29064.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-29064", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/29xxx/CVE-2020-29065.json b/2020/29xxx/CVE-2020-29065.json new file mode 100644 index 00000000000..620b6786e17 --- /dev/null +++ b/2020/29xxx/CVE-2020-29065.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-29065", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/29xxx/CVE-2020-29066.json b/2020/29xxx/CVE-2020-29066.json new file mode 100644 index 00000000000..444ec319f05 --- /dev/null +++ b/2020/29xxx/CVE-2020-29066.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-29066", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/29xxx/CVE-2020-29067.json b/2020/29xxx/CVE-2020-29067.json new file mode 100644 index 00000000000..696730c2ed9 --- /dev/null +++ b/2020/29xxx/CVE-2020-29067.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-29067", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/29xxx/CVE-2020-29068.json b/2020/29xxx/CVE-2020-29068.json new file mode 100644 index 00000000000..15135de1666 --- /dev/null +++ b/2020/29xxx/CVE-2020-29068.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-29068", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file