admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-12-27 11:00:40 +00:00
parent 8790c9e80f
commit 9208ca8446
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
7 changed files with 456 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
2021/4xxx/CVE-2021-4285.json Normal file
View File

@ -0,0 +1,104 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-4285",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as problematic was found in Nagios NCPA. This vulnerability affects unknown code of the file agent/listener/templates/tail.html. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 2.4.0 is able to address this issue. The name of the patch is 5abbcd7aa26e0fc815e6b2b0ffe1c15ef3e8fab5. It is recommended to upgrade the affected component. VDB-216874 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "In Nagios NCPA wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei agent/listener/templates/tail.html. Durch das Beeinflussen des Arguments name mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Ein Aktualisieren auf die Version 2.4.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 5abbcd7aa26e0fc815e6b2b0ffe1c15ef3e8fab5 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Nagios",
"product": {
"product_data": [
{
"product_name": "NCPA",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.216874",
"refsource": "MISC",
"name": "https://vuldb.com/?id.216874"
},
{
"url": "https://vuldb.com/?ctiid.216874",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.216874"
},
{
"url": "https://github.com/NagiosEnterprises/ncpa/pull/834",
"refsource": "MISC",
"name": "https://github.com/NagiosEnterprises/ncpa/pull/834"
},
{
"url": "https://github.com/NagiosEnterprises/ncpa/commit/5abbcd7aa26e0fc815e6b2b0ffe1c15ef3e8fab5",
"refsource": "MISC",
"name": "https://github.com/NagiosEnterprises/ncpa/commit/5abbcd7aa26e0fc815e6b2b0ffe1c15ef3e8fab5"
},
{
"url": "https://github.com/NagiosEnterprises/ncpa/releases/tag/v2.4.0",
"refsource": "MISC",
"name": "https://github.com/NagiosEnterprises/ncpa/releases/tag/v2.4.0"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
}
]
}
}

168
2021/4xxx/CVE-2021-4286.json Normal file
View File

@ -0,0 +1,168 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-4286",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in cocagne pysrp up to 1.0.16. This issue affects the function calculate_x of the file srp/_ctsrp.py. The manipulation leads to information exposure through discrepancy. Upgrading to version 1.0.17 is able to address this issue. The name of the patch is dba52642f5e95d3da7af1780561213ee6053195f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216875."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in cocagne pysrp bis 1.0.16 entdeckt. Sie wurde als problematisch eingestuft. Davon betroffen ist die Funktion calculate_x der Datei srp/_ctsrp.py. Durch Beeinflussen mit unbekannten Daten kann eine information exposure through discrepancy-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 1.0.17 vermag dieses Problem zu l\u00f6sen. Der Patch wird als dba52642f5e95d3da7af1780561213ee6053195f bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-203 Information Exposure Through Discrepancy",
"cweId": "CWE-203"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "cocagne",
"product": {
"product_data": [
{
"product_name": "pysrp",
"version": {
"version_data": [
{
"version_value": "1.0.0",
"version_affected": "="
},
{
"version_value": "1.0.1",
"version_affected": "="
},
{
"version_value": "1.0.2",
"version_affected": "="
},
{
"version_value": "1.0.3",
"version_affected": "="
},
{
"version_value": "1.0.4",
"version_affected": "="
},
{
"version_value": "1.0.5",
"version_affected": "="
},
{
"version_value": "1.0.6",
"version_affected": "="
},
{
"version_value": "1.0.7",
"version_affected": "="
},
{
"version_value": "1.0.8",
"version_affected": "="
},
{
"version_value": "1.0.9",
"version_affected": "="
},
{
"version_value": "1.0.10",
"version_affected": "="
},
{
"version_value": "1.0.11",
"version_affected": "="
},
{
"version_value": "1.0.12",
"version_affected": "="
},
{
"version_value": "1.0.13",
"version_affected": "="
},
{
"version_value": "1.0.14",
"version_affected": "="
},
{
"version_value": "1.0.15",
"version_affected": "="
},
{
"version_value": "1.0.16",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.216875",
"refsource": "MISC",
"name": "https://vuldb.com/?id.216875"
},
{
"url": "https://vuldb.com/?ctiid.216875",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.216875"
},
{
"url": "https://github.com/cocagne/pysrp/pull/43",
"refsource": "MISC",
"name": "https://github.com/cocagne/pysrp/pull/43"
},
{
"url": "https://github.com/cocagne/pysrp/commit/dba52642f5e95d3da7af1780561213ee6053195f",
"refsource": "MISC",
"name": "https://github.com/cocagne/pysrp/commit/dba52642f5e95d3da7af1780561213ee6053195f"
},
{
"url": "https://github.com/cocagne/pysrp/releases/tag/1.0.17",
"refsource": "MISC",
"name": "https://github.com/cocagne/pysrp/releases/tag/1.0.17"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 2.6,
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 2.6,
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
}
]
}
}

112
2021/4xxx/CVE-2021-4287.json Normal file
View File

@ -0,0 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-4287",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the attack remotely. Upgrading to version 2.3.3 is able to address this issue. The name of the patch is fa0c0bd59b8588814756942fe4cb5452e76c1dcd. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216876."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in ReFirm Labs binwalk bis 2.3.2 gefunden. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei src/binwalk/modules/extractor.py der Komponente Archive Extraction Handler. Dank der Manipulation mit unbekannten Daten kann eine symlink following-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Ein Aktualisieren auf die Version 2.3.3 vermag dieses Problem zu l\u00f6sen. Der Patch wird als fa0c0bd59b8588814756942fe4cb5452e76c1dcd bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-61 Symlink Following",
"cweId": "CWE-61"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ReFirm Labs",
"product": {
"product_data": [
{
"product_name": "binwalk",
"version": {
"version_data": [
{
"version_value": "2.3.0",
"version_affected": "="
},
{
"version_value": "2.3.1",
"version_affected": "="
},
{
"version_value": "2.3.2",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.216876",
"refsource": "MISC",
"name": "https://vuldb.com/?id.216876"
},
{
"url": "https://vuldb.com/?ctiid.216876",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.216876"
},
{
"url": "https://github.com/ReFirmLabs/binwalk/pull/556",
"refsource": "MISC",
"name": "https://github.com/ReFirmLabs/binwalk/pull/556"
},
{
"url": "https://github.com/ReFirmLabs/binwalk/commit/fa0c0bd59b8588814756942fe4cb5452e76c1dcd",
"refsource": "MISC",
"name": "https://github.com/ReFirmLabs/binwalk/commit/fa0c0bd59b8588814756942fe4cb5452e76c1dcd"
},
{
"url": "https://github.com/ReFirmLabs/binwalk/releases/tag/v2.3.3",
"refsource": "MISC",
"name": "https://github.com/ReFirmLabs/binwalk/releases/tag/v2.3.3"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5,
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
}
]
}
}

18
2022/4xxx/CVE-2022-4762.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-4762",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/4xxx/CVE-2022-4763.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-4763",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/4xxx/CVE-2022-4764.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-4764",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/4xxx/CVE-2022-4765.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-4765",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}