admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-10 02:04:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-10-11 04:00:34 +00:00
parent 2c9e63c399
commit 90c7c27c16
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
30 changed files with 439 additions and 129 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
2022/22xxx/CVE-2022-22503.json
View File

@ -12,6 +12,11 @@
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/227125",
"name": "ibm-rpa-cve202222503-clickjacking (227125)",
"title": "X-Force Vulnerability Report"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-22503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22503"
}
]
},
@ -21,7 +26,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Gain Access"
}
]
}
@ -70,18 +75,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Robotic Process Automation",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "21.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "IBM"
}
]
}

15
2022/25xxx/CVE-2022-25795.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Revit, Navisworks, Autodesk\u00ae Advance Steel, AutoCAD\u00ae, AutoCAD\u00ae Architecture, AutoCAD\u00ae Electrical, AutoCAD\u00ae Map 3D, AutoCAD\u00ae Mechanical, AutoCAD\u00ae MEP, AutoCAD\u00ae Plant 3D, AutoCAD\u00ae LT, Autodesk\u00ae Civil 3D, AutoCAD\u00ae Mac, AutoCAD\u00ae LT for Mac",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "prior to 9.0.7"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Out-of-bound Write"
}
]
}
@ -53,6 +53,11 @@
"refsource": "MISC",
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010;",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0010;"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-25795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25795"
}
]
},

20
2022/27xxx/CVE-2022-27810.json
View File

@ -9,21 +9,26 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Facebook",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Hermes",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "!>=",
"version_value": "0.12.0"
},
{
"version_affected": "<",
"version_value": "0.12.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -45,7 +50,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-674: Uncontrolled Recursion"
}
]
}
@ -57,6 +62,11 @@
"refsource": "CONFIRM",
"name": "https://www.facebook.com/security/advisories/cve-2022-27810",
"url": "https://www.facebook.com/security/advisories/cve-2022-27810"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-27810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27810"
}
]
}

15
2022/2xxx/CVE-2022-2553.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Booth",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "Booth versions after v1.0-85-gda79b8b are vulnerable. Resolved in booth v1.0-263-g35bf0b7."
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-287"
}
]
}
@ -63,6 +63,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-6744980220",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OHDOFX7NQFH3UGZZA3SGW5SVMDDHIUVD/"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-2553",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2553"
}
]
},

14
2022/2xxx/CVE-2022-2637.json
View File

@ -12,18 +12,19 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Hitachi Storage Plug-in for VMware vCenter",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "04.8.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "Hitachi"
}
]
}
@ -64,7 +65,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-266 Incorrect Privilege Assignment"
}
]
}
@ -76,6 +77,11 @@
"name": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-131/index.html",
"refsource": "MISC",
"url": "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-131/index.html"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2637"
}
]
},

36
2022/2xxx/CVE-2022-2781.json
View File

@ -11,21 +11,42 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Octopus Server",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "3.2.10",
"version_affected": ">="
},
{
"version_value": "2022.1.3154",
"version_affected": "<"
},
{
"version_value": "2022.2.6729",
"version_affected": ">="
},
{
"version_value": "2022.2.7897",
"version_affected": "<"
},
{
"version_value": "2022.3.348",
"version_affected": ">="
},
{
"version_value": "2022.3.10586",
"version_affected": "<"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +57,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Encryption"
}
]
}
@ -48,6 +69,11 @@
"url": "https://advisories.octopus.com/post/2022/sa2022-16/",
"refsource": "MISC",
"name": "https://advisories.octopus.com/post/2022/sa2022-16/"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2781"
}
]
},

36
2022/2xxx/CVE-2022-2783.json
View File

@ -11,21 +11,42 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Octopus Server",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "3.12.0",
"version_affected": ">="
},
{
"version_value": "2022.1.3154",
"version_affected": "<"
},
{
"version_value": "2022.2.6729",
"version_affected": ">="
},
{
"version_value": "2022.2.7897",
"version_affected": "<"
},
{
"version_value": "2022.3.348",
"version_affected": ">="
},
{
"version_value": "2022.3.10586",
"version_affected": "<"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +57,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CSRF"
}
]
}
@ -48,6 +69,11 @@
"url": "https://advisories.octopus.com/post/2022/sa2022-17/",
"refsource": "MISC",
"name": "https://advisories.octopus.com/post/2022/sa2022-17/"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-2783",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2783"
}
]
},

18
2022/2xxx/CVE-2022-2928.json
View File

@ -16,18 +16,23 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "ISC DHCP",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_name": "4.4",
"version_value": "4.4.0 through versions before 4.4.3-P1"
},
{
"version_name": "4.1 ESV",
"version_value": "4.1-ESV-R1 through versions before 4.1-ESV-R16-P1"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "ISC"
}
]
}
@ -74,7 +79,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "A DHCP server configured with allow leasequery;, a remote machine with access to the server can send lease queries for the same lease multiple times, leading to the add_option() function being repeatedly called. This could cause an option's refcount field to overflow and the server to abort. Internally, reference counters are integers and thus overflow at 2^31 references, so even at 1000 lease query responses per second, it would take more than three weeks to crash the server. Affects In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1"
}
]
}
@ -86,6 +91,11 @@
"name": "https://kb.isc.org/docs/cve-2022-2928",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/cve-2022-2928"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
}
]
},

18
2022/2xxx/CVE-2022-2929.json
View File

@ -16,18 +16,23 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "ISC DHCP",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_name": "1.0",
"version_value": "1.0 through versions before 4.1-ESV-R16-P2"
},
{
"version_name": "4.2",
"version_value": "4.2 through versions before 4.4.3.-P1"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "ISC"
}
]
}
@ -74,7 +79,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "The function fqdn_universe_decode() allocates buffer space for the contents of option 81 (fqdn) data received in a DHCP packet. The maximum length of a DNS label is 63 bytes. The function tests the length byte of each label contained in the fqdn; if it finds a label whose length byte value is larger than 63, it returns without dereferencing the buffer space. This will cause a memory leak. Affects In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1"
}
]
}
@ -86,6 +91,11 @@
"name": "https://kb.isc.org/docs/cve-2022-2929",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/cve-2022-2929"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
}
]
},

20
2022/2xxx/CVE-2022-2975.json
View File

@ -12,18 +12,25 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Avaya Aura Application Enablement Services",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "<=",
"version_name": "10.1.x",
"version_value": "10.1.0.1"
},
{
"version_affected": "<=",
"version_name": "8.x",
"version_value": "8.1.3.4"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "Avaya"
}
]
}
@ -64,7 +71,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-269 Improper Privilege Management"
}
]
}
@ -76,6 +83,11 @@
"refsource": "MISC",
"url": "https://download.avaya.com/css/public/documents/101083688",
"name": "https://download.avaya.com/css/public/documents/101083688"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2975"
}
]
},

15
2022/2xxx/CVE-2022-2986.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "moodle",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "moodle 4.0.3 and moodle 3.11.9"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +36,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CSRF"
}
]
}
@ -53,6 +53,11 @@
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75326",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75326"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-2986",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2986"
}
]
},

19
2022/31xxx/CVE-2022-31008.json
View File

@ -12,18 +12,24 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "rabbitmq-server",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 3.8.32"
},
{
"version_value": ">= 3.9.0, < 3.9.18"
},
{
"version_value": ">= 3.10.0, < 3.10.2"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "rabbitmq"
}
]
}
@ -61,7 +67,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-330: Use of Insufficiently Random Values"
}
]
}
@ -78,6 +84,11 @@
"name": "https://github.com/rabbitmq/rabbitmq-server/pull/4841",
"refsource": "MISC",
"url": "https://github.com/rabbitmq/rabbitmq-server/pull/4841"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-31008",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31008"
}
]
},

58
2022/31xxx/CVE-2022-31252.json
View File

@ -13,18 +13,63 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "SUSE Linux Enterprise Server 12-SP5",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "<",
"version_name": "permissions",
"version_value": "20170707"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "SUSE"
},
{
"product": {
"product_data": [
{
"product_name": "openSUSE Leap 15.3",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "permissions",
"version_value": "20200127"
}
]
}
},
{
"product_name": "openSUSE Leap 15.4",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "permissions",
"version_value": "20201225"
}
]
}
},
{
"product_name": "openSUSE Leap Micro 5.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "permissions",
"version_value": "20181225"
}
]
}
}
]
},
"vendor_name": "openSUSE"
}
]
}
@ -71,7 +116,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-863: Incorrect Authorization"
}
]
}
@ -83,6 +128,11 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1203018",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1203018"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-31252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31252"
}
]
},

20
2022/32xxx/CVE-2022-32171.json
View File

@ -10,21 +10,26 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "zinc",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "zinc",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "v0.1.9",
"version_affected": ">="
},
{
"version_value": "v0.3.1",
"version_affected": "<="
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -76,6 +81,11 @@
"refsource": "MISC",
"url": "https://www.mend.io/vulnerability-database/CVE-2022-32171",
"name": "https://www.mend.io/vulnerability-database/CVE-2022-32171"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-32171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32171"
}
]
},
@ -85,7 +95,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}

20
2022/32xxx/CVE-2022-32172.json
View File

@ -10,21 +10,26 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "zinc",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "zinc",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "v0.1.9",
"version_affected": ">="
},
{
"version_value": "v0.3.1",
"version_affected": "<="
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -76,6 +81,11 @@
"refsource": "MISC",
"url": "https://github.com/zinclabs/zinc/commit/3376c248bade163430f9347742428f0a82cd322d",
"name": "https://github.com/zinclabs/zinc/commit/3376c248bade163430f9347742428f0a82cd322d"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-32172",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32172"
}
]
},
@ -85,7 +95,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}

30
2022/37xxx/CVE-2022-37888.json
View File

@ -11,21 +11,36 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Aruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series;",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below"
},
{
"version_value": "Aruba InstantOS 6.5.x: 6.5.4.23 and below"
},
{
"version_value": "Aruba InstantOS 8.6.x: 8.6.0.18 and below"
},
{
"version_value": "Aruba InstantOS 8.7.x: 8.7.1.9 and below"
},
{
"version_value": "Aruba InstantOS 8.10.x: 8.10.0.1 and below"
},
{
"version_value": "ArubaOS 10.3.x: 10.3.1.0 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -36,7 +51,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Buffer Overflow Vulnerability"
}
]
}
@ -48,6 +63,11 @@
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-37888",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37888"
}
]
},

13
2022/39xxx/CVE-2022-39222.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "dex",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 2.35.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "dexidp"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
@ -78,6 +78,11 @@
"name": "https://github.com/dexidp/dex/commit/49471b14c8080ddb034d4855841123d378b7a634",
"refsource": "MISC",
"url": "https://github.com/dexidp/dex/commit/49471b14c8080ddb034d4855841123d378b7a634"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39222"
}
]
},

13
2022/39xxx/CVE-2022-39237.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "sif",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 2.8.1"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "sylabs"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-347: Improper Verification of Cryptographic Signature"
}
]
}
@ -78,6 +78,11 @@
"name": "https://github.com/sylabs/sif/commit/07fb86029a12e3210f6131e065570124605daeaa",
"refsource": "MISC",
"url": "https://github.com/sylabs/sif/commit/07fb86029a12e3210f6131e065570124605daeaa"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39237"
}
]
},

13
2022/39xxx/CVE-2022-39244.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "pjproject",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 2.13"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "pjsip"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"
}
]
}
@ -78,6 +78,11 @@
"name": "https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae",
"refsource": "MISC",
"url": "https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39244"
}
]
},

13
2022/39xxx/CVE-2022-39265.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "mybb",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 1.8.31"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "mybb"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')"
}
]
}
@ -88,6 +88,11 @@
"name": "https://mybb.com/versions/1.8.31/",
"refsource": "MISC",
"url": "https://mybb.com/versions/1.8.31/"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39265"
}
]
},

13
2022/39xxx/CVE-2022-39269.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "pjproject",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": ">= 2.11, < 2.13"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "pjsip"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-319: Cleartext Transmission of Sensitive Information"
}
]
}
@ -78,6 +78,11 @@
"name": "https://github.com/pjsip/pjproject/commit/d2acb9af4e27b5ba75d658690406cec9c274c5cc",
"refsource": "MISC",
"url": "https://github.com/pjsip/pjproject/commit/d2acb9af4e27b5ba75d658690406cec9c274c5cc"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39269"
}
]
},

13
2022/39xxx/CVE-2022-39270.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "DiscoTOC",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 2.1.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "discourse"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
@ -78,6 +78,11 @@
"name": "https://github.com/discourse/DiscoTOC/commit/f80c215a283cd045d2a371403e6eba88b2911192",
"refsource": "MISC",
"url": "https://github.com/discourse/DiscoTOC/commit/f80c215a283cd045d2a371403e6eba88b2911192"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39270"
}
]
},

13
2022/39xxx/CVE-2022-39273.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "flyteadmin",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 1.1.44"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "flyteorg"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-798: Use of Hard-coded Credentials"
}
]
}
@ -83,6 +83,11 @@
"name": "https://docs.flyte.org/en/latest/deployment/cluster_config/auth_setup.html#oauth2-authorization-server",
"refsource": "MISC",
"url": "https://docs.flyte.org/en/latest/deployment/cluster_config/auth_setup.html#oauth2-authorization-server"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39273",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39273"
}
]
},

13
2022/39xxx/CVE-2022-39274.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "LoRaMac-node",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 4.7.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "Lora-net"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"
}
]
}
@ -83,6 +83,11 @@
"name": "https://github.com/Lora-net/LoRaMac-node/releases/tag/v4.7.0",
"refsource": "MISC",
"url": "https://github.com/Lora-net/LoRaMac-node/releases/tag/v4.7.0"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39274"
}
]
},

31
2022/39xxx/CVE-2022-39275.json
View File

@ -12,18 +12,36 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "saleor",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": ">= 2.0.0, < 3.1.24"
},
{
"version_value": ">= 3.2.0, < 3.2.14"
},
{
"version_value": ">= 3.3.0, < 3.3.26"
},
{
"version_value": ">= 3.4.0, < 3.4.24"
},
{
"version_value": ">= 3.5.0, < 3.5.23"
},
{
"version_value": ">= 3.6.0, < 3.6.18"
},
{
"version_value": ">= 3.7.0, < 3.7.17"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "saleor"
}
]
}
@ -61,7 +79,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-863: Incorrect Authorization"
}
]
}
@ -78,6 +96,11 @@
"name": "https://github.com/saleor/saleor/commit/96e04c092ddcac17b14f2e31554aa02d9006d0ce",
"refsource": "MISC",
"url": "https://github.com/saleor/saleor/commit/96e04c092ddcac17b14f2e31554aa02d9006d0ce"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39275"
}
]
},

13
2022/39xxx/CVE-2022-39279.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "discourse-chat",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 0.9"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "discourse"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
@ -78,6 +78,11 @@
"name": "https://github.com/discourse/discourse-chat/commit/25737733af48e5b9fa60b0561d7fde14bea13cce",
"refsource": "MISC",
"url": "https://github.com/discourse/discourse-chat/commit/25737733af48e5b9fa60b0561d7fde14bea13cce"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39279",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39279"
}
]
},

13
2022/39xxx/CVE-2022-39280.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "dparse",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 0.5.2"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "pyupio"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
@ -88,6 +88,11 @@
"name": "https://github.com/pyupio/dparse/commit/d87364f9db9ab916451b1b036cfeb039e726e614",
"refsource": "MISC",
"url": "https://github.com/pyupio/dparse/commit/d87364f9db9ab916451b1b036cfeb039e726e614"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39280"
}
]
},

13
2022/39xxx/CVE-2022-39284.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "CodeIgniter4",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "< 4.2.7"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "codeigniter4"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-665: Improper Initialization"
}
]
}
@ -98,6 +98,11 @@
"name": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies",
"refsource": "MISC",
"url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39284"
}
]
},

13
2022/39xxx/CVE-2022-39292.json
View File

@ -12,18 +12,18 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "slack-morphism-rust",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "<= 1.3.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "abdolence"
}
]
}
@ -61,7 +61,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-1258: Exposure of Sensitive System Information Due to Uncleared Debug Information"
}
]
}
@ -78,6 +78,11 @@
"name": "https://github.com/abdolence/slack-morphism-rust/releases/tag/v1.3.2",
"refsource": "MISC",
"url": "https://github.com/abdolence/slack-morphism-rust/releases/tag/v1.3.2"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-39292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39292"
}
]
},

14
2022/3xxx/CVE-2022-3002.json
View File

@ -12,18 +12,19 @@
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "yetiforcecompany/yetiforcecrm",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "<",
"version_value": "6.4.0"
}
]
}
}
]
},
"vendor_name": "n/a"
"vendor_name": "yetiforcecompany"
}
]
}
@ -61,7 +62,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
@ -78,6 +79,11 @@
"name": "https://github.com/yetiforcecompany/yetiforcecrm/commit/54728becfdad9b6e686bbe336007cba2ce518248",
"refsource": "MISC",
"url": "https://github.com/yetiforcecompany/yetiforcecrm/commit/54728becfdad9b6e686bbe336007cba2ce518248"
},
{
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2022-3002",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3002"
}
]
},