From 97ffea1708c00ec8976f220e32288973d9415131 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 16 Jun 2020 23:01:28 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/14xxx/CVE-2020-14213.json | 67 ++++++++++++++++++++++++++++++++++ 2020/14xxx/CVE-2020-14214.json | 67 ++++++++++++++++++++++++++++++++++ 2020/4xxx/CVE-2020-4053.json | 2 +- 2020/4xxx/CVE-2020-4054.json | 2 +- 4 files changed, 136 insertions(+), 2 deletions(-) create mode 100644 2020/14xxx/CVE-2020-14213.json create mode 100644 2020/14xxx/CVE-2020-14214.json diff --git a/2020/14xxx/CVE-2020-14213.json b/2020/14xxx/CVE-2020-14213.json new file mode 100644 index 00000000000..816c6f265d2 --- /dev/null +++ b/2020/14xxx/CVE-2020-14213.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-14213", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Zammad before 3.3.1, a Customer has ticket access that should only be available to an Agent (e.g., read internal data, split, or merge)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://zammad.com/news/security-advisory-zaa-2020-13", + "refsource": "MISC", + "name": "https://zammad.com/news/security-advisory-zaa-2020-13" + }, + { + "url": "https://github.com/zammad/zammad/commit/6e56aee25439b7a3211a6704a9d60453ad623ae4", + "refsource": "MISC", + "name": "https://github.com/zammad/zammad/commit/6e56aee25439b7a3211a6704a9d60453ad623ae4" + } + ] + } +} \ No newline at end of file diff --git a/2020/14xxx/CVE-2020-14214.json b/2020/14xxx/CVE-2020-14214.json new file mode 100644 index 00000000000..c5516cdf5ca --- /dev/null +++ b/2020/14xxx/CVE-2020-14214.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-14214", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address for authorization decisions. An attacker can register a new account that will have access to all tickets of an arbitrary Organization." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://zammad.com/news/security-advisory-zaa-2020-12", + "refsource": "MISC", + "name": "https://zammad.com/news/security-advisory-zaa-2020-12" + }, + { + "url": "https://github.com/zammad/zammad/commit/40148392426f626cb779c76d6bdda0f67bd6069d", + "refsource": "MISC", + "name": "https://github.com/zammad/zammad/commit/40148392426f626cb779c76d6bdda0f67bd6069d" + } + ] + } +} \ No newline at end of file diff --git a/2020/4xxx/CVE-2020-4053.json b/2020/4xxx/CVE-2020-4053.json index b447a9893c8..5f92c559cc9 100644 --- a/2020/4xxx/CVE-2020-4053.json +++ b/2020/4xxx/CVE-2020-4053.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative\npath into a plugin archive, and copy a file outside of the intended directory.\n\nThis has been fixed in 3.2.4." + "value": "In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative path into a plugin archive, and copy a file outside of the intended directory. This has been fixed in 3.2.4." } ] }, diff --git a/2020/4xxx/CVE-2020-4054.json b/2020/4xxx/CVE-2020-4054.json index 89607be63c0..30c116cfa9d 100644 --- a/2020/4xxx/CVE-2020-4054.json +++ b/2020/4xxx/CVE-2020-4054.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's \"relaxed\" config, or a custom config that allows certain elements, some content in a math or svg element may not be sanitized correctly even if math and svg are not in the allowlist.\n\nYou are likely to be vulnerable to this issue if you use Sanitize's relaxed config or a custom config that allows one or more of the following HTML elements: iframe, math, noembed, noframes, noscript, plaintext, script, style, svg, xmp.\n\nUsing carefully crafted input, an attacker may be able to sneak arbitrary HTML through Sanitize, potentially resulting in XSS (cross-site scripting) or other undesired behavior when that HTML is rendered in a browser.\n\nThis has been fixed in 5.2.1." + "value": "In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's \"relaxed\" config, or a custom config that allows certain elements, some content in a math or svg element may not be sanitized correctly even if math and svg are not in the allowlist. You are likely to be vulnerable to this issue if you use Sanitize's relaxed config or a custom config that allows one or more of the following HTML elements: iframe, math, noembed, noframes, noscript, plaintext, script, style, svg, xmp. Using carefully crafted input, an attacker may be able to sneak arbitrary HTML through Sanitize, potentially resulting in XSS (cross-site scripting) or other undesired behavior when that HTML is rendered in a browser. This has been fixed in 5.2.1." } ] },