From 99232f27b3e8bc7ee92ef9be670f0ea22b42c37d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 5 Aug 2021 20:01:26 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/21xxx/CVE-2021-21738.json | 50 +++++++++++++- 2021/21xxx/CVE-2021-21739.json | 50 +++++++++++++- 2021/21xxx/CVE-2021-21863.json | 50 +++++++++++++- 2021/22xxx/CVE-2021-22240.json | 90 ++++++++++++++++++++++-- 2021/22xxx/CVE-2021-22241.json | 87 ++++++++++++++++++++++-- 2021/23xxx/CVE-2021-23849.json | 74 +++++++++++++++++++- 2021/25xxx/CVE-2021-25443.json | 66 ++++++++++++++++-- 2021/25xxx/CVE-2021-25444.json | 66 ++++++++++++++++-- 2021/25xxx/CVE-2021-25445.json | 66 ++++++++++++++++-- 2021/25xxx/CVE-2021-25446.json | 66 ++++++++++++++++-- 2021/25xxx/CVE-2021-25447.json | 66 ++++++++++++++++-- 2021/25xxx/CVE-2021-25448.json | 66 ++++++++++++++++-- 2021/29xxx/CVE-2021-29969.json | 56 ++++++++++++++- 2021/29xxx/CVE-2021-29970.json | 88 +++++++++++++++++++++++- 2021/29xxx/CVE-2021-29971.json | 56 ++++++++++++++- 2021/29xxx/CVE-2021-29972.json | 56 ++++++++++++++- 2021/29xxx/CVE-2021-29973.json | 56 ++++++++++++++- 2021/29xxx/CVE-2021-29974.json | 56 ++++++++++++++- 2021/29xxx/CVE-2021-29975.json | 56 ++++++++++++++- 2021/29xxx/CVE-2021-29976.json | 88 +++++++++++++++++++++++- 2021/29xxx/CVE-2021-29977.json | 56 ++++++++++++++- 2021/29xxx/CVE-2021-29978.json | 121 ++++++++++++++++++++++++++++++++- 2021/32xxx/CVE-2021-32577.json | 56 +++++++++++++-- 2021/32xxx/CVE-2021-32578.json | 56 +++++++++++++-- 2021/32xxx/CVE-2021-32581.json | 66 ++++++++++++++++-- 2021/33xxx/CVE-2021-33596.json | 93 +++++++++++++++++++++++-- 2021/34xxx/CVE-2021-34371.json | 56 +++++++++++++-- 2021/34xxx/CVE-2021-34631.json | 95 ++++++++++++++++++++++++-- 2021/35xxx/CVE-2021-35306.json | 56 +++++++++++++-- 2021/35xxx/CVE-2021-35307.json | 56 +++++++++++++-- 2021/36xxx/CVE-2021-36584.json | 56 +++++++++++++-- 2021/37xxx/CVE-2021-37614.json | 71 +++++++++++++++++-- 2021/37xxx/CVE-2021-37859.json | 95 ++++++++++++++++++++++++-- 2021/38xxx/CVE-2021-38143.json | 18 +++++ 2021/38xxx/CVE-2021-38144.json | 18 +++++ 2021/38xxx/CVE-2021-38145.json | 18 +++++ 2021/38xxx/CVE-2021-38146.json | 18 +++++ 2021/38xxx/CVE-2021-38147.json | 18 +++++ 2021/3xxx/CVE-2021-3679.json | 55 ++++++++++++++- 2021/3xxx/CVE-2021-3682.json | 50 +++++++++++++- 40 files changed, 2279 insertions(+), 158 deletions(-) create mode 100644 2021/38xxx/CVE-2021-38143.json create mode 100644 2021/38xxx/CVE-2021-38144.json create mode 100644 2021/38xxx/CVE-2021-38145.json create mode 100644 2021/38xxx/CVE-2021-38146.json create mode 100644 2021/38xxx/CVE-2021-38147.json diff --git a/2021/21xxx/CVE-2021-21738.json b/2021/21xxx/CVE-2021-21738.json index fa681285eb3..a0b7e9deded 100644 --- a/2021/21xxx/CVE-2021-21738.json +++ b/2021/21xxx/CVE-2021-21738.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21738", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@zte.com.cn", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XSS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1016764", + "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1016764" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ZTE's big video business platform has two reflective cross-site scripting (XSS) vulnerabilities. Due to insufficient input verification, the attacker could implement XSS attacks by tampering with the parameters, to affect the operations of valid users. This affects: " } ] } diff --git a/2021/21xxx/CVE-2021-21739.json b/2021/21xxx/CVE-2021-21739.json index f77984e2837..cbc174ad845 100644 --- a/2021/21xxx/CVE-2021-21739.json +++ b/2021/21xxx/CVE-2021-21739.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21739", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@zte.com.cn", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient Verification of Data reliability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1017024", + "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1017024" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A ZTE's product of the transport network access layer has a security vulnerability. Because the system does not sufficiently verify the data reliability, attackers could replace an authenticated optical module on the equipment with an unauthenticated one, bypassing system authentication and detection, thus affecting signal transmission. This affects: " } ] } diff --git a/2021/21xxx/CVE-2021-21863.json b/2021/21xxx/CVE-2021-21863.json index 7e0a7bb208f..2578950420f 100644 --- a/2021/21xxx/CVE-2021-21863.json +++ b/2021/21xxx/CVE-2021-21863.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21863", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "CODESYS", + "version": { + "version_data": [ + { + "version_value": "CODESYS GmbH CODESYS Development System 3.5.16 ,CODESYS GmbH CODESYS Development System 3.5.17" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "deserialization of untrusted data" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16805&token=ee583c498941d9fda86490bca98ff21928eec08a&download=", + "url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16805&token=ee583c498941d9fda86490bca98ff21928eec08a&download=" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile() functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability." } ] } diff --git a/2021/22xxx/CVE-2021-22240.json b/2021/22xxx/CVE-2021-22240.json index 3e2cbe0c9cb..2736640620b 100644 --- a/2021/22xxx/CVE-2021-22240.json +++ b/2021/22xxx/CVE-2021-22240.json @@ -4,15 +4,97 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22240", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@gitlab.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "GitLab", + "product": { + "product_data": [ + { + "product_name": "GitLab EE", + "version": { + "version_data": [ + { + "version_value": ">=13.7, <13.11.6" + }, + { + "version_value": ">=13.12, <13.12.6" + }, + { + "version_value": ">=14.0, <14.0.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper access control in GitLab EE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/327641", + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/327641", + "refsource": "MISC" + }, + { + "name": "https://hackerone.com/reports/1166566", + "url": "https://hackerone.com/reports/1166566", + "refsource": "MISC" + }, + { + "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22240.json", + "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22240.json", + "refsource": "CONFIRM" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control in GitLab EE versions 13.11.6, 13.12.6, and 14.0.2 allows users to be created via single sign on despite user cap being enabled" } ] - } + }, + "impact": { + "cvss": { + "vectorString": "AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "version": "3.1", + "baseScore": 4.1, + "baseSeverity": "MEDIUM" + } + }, + "credit": [ + { + "lang": "eng", + "value": "Thanks bingomzan for reporting this vulnerability through our HackerOne bug bounty program" + } + ] } \ No newline at end of file diff --git a/2021/22xxx/CVE-2021-22241.json b/2021/22xxx/CVE-2021-22241.json index d1a404e7281..970d4d77abd 100644 --- a/2021/22xxx/CVE-2021-22241.json +++ b/2021/22xxx/CVE-2021-22241.json @@ -4,15 +4,94 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-22241", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@gitlab.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "GitLab", + "product": { + "product_data": [ + { + "product_name": "GitLab", + "version": { + "version_data": [ + { + "version_value": ">=14.1, <14.1.2" + }, + { + "version_value": ">=14.0, <14.0.7" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper neutralization of input during web page generation ('cross-site scripting') in GitLab" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://gitlab.com/gitlab-org/gitlab/-/issues/336460", + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/336460", + "refsource": "MISC" + }, + { + "name": "https://hackerone.com/reports/1256777", + "url": "https://hackerone.com/reports/1256777", + "refsource": "MISC" + }, + { + "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22241.json", + "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22241.json", + "refsource": "CONFIRM" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0. It was possible to exploit a stored cross-site-scripting via a specifically crafted default branch name." } ] - } + }, + "impact": { + "cvss": { + "vectorString": "AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "version": "3.1", + "baseScore": 8.7, + "baseSeverity": "HIGH" + } + }, + "credit": [ + { + "lang": "eng", + "value": "Thanks [joaxcar](https://hackerone.com/joaxcar) for reporting this vulnerability through our HackerOne bug bounty program" + } + ] } \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23849.json b/2021/23xxx/CVE-2021-23849.json index 35650cc3a9b..42e0b5c3b9a 100644 --- a/2021/23xxx/CVE-2021-23849.json +++ b/2021/23xxx/CVE-2021-23849.json @@ -4,15 +4,83 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-23849", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@bosch.com", + "DATE_PUBLIC": "2021-08-04", + "TITLE": "Cross Site Request Forgery (CSRF) vulnerability in web based management interface", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Bosch", + "product": { + "product_data": [ + { + "product_name": "CPP Firmware", + "version": { + "version_data": [ + { + "version_value": "all", + "version_affected": "=", + "platform": "CPP4, CPP6, AVIOTEC, CPP7, CPP7.3, CPP13, CPP14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "impact": { + "cvss": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + } + }, + "references": { + "reference_data": [ + { + "url": "https://psirt.bosch.com/security-advisories/bosch-sa-033305-bt.html", + "name": "https://psirt.bosch.com/security-advisories/bosch-sa-033305-bt.html", + "refsource": "CONFIRM" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the web-based interface allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (CSRF - Cross Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or opening a malicious website while being logged in into the camera." } ] + }, + "source": { + "advisory": "BOSCH-SA-478243-BT", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25443.json b/2021/25xxx/CVE-2021-25443.json index a3d06de8449..7775d16bf3f 100644 --- a/2021/25xxx/CVE-2021-25443.json +++ b/2021/25xxx/CVE-2021-25443.json @@ -1,18 +1,72 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "mobile.security@samsung.com", "ID": "CVE-2021-25443", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Samsung Mobile Devices", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "O(8.1), P(9.0), Q(10.0) , R(11.0)", + "version_value": "SMR AUG-2021 Release 1" + } + ] + } + } + ] + }, + "vendor_name": "Samsung Mobile" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use after free vulnerability in conn_gadget driver prior to SMR AUG-2021 Release 1 allows malicious action by an attacker." } ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-825: Expired Pointer Dereference" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=8", + "name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=8" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25444.json b/2021/25xxx/CVE-2021-25444.json index 201ba3f88d0..aff3678b871 100644 --- a/2021/25xxx/CVE-2021-25444.json +++ b/2021/25xxx/CVE-2021-25444.json @@ -1,18 +1,72 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "mobile.security@samsung.com", "ID": "CVE-2021-25444", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Samsung Mobile Devices", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "O(8.1), P(9.0), Q(10.0)", + "version_value": "SMR AUG-2021 Release 1" + } + ] + } + } + ] + }, + "vendor_name": "Samsung Mobile" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process." } ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=8", + "name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=8" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25445.json b/2021/25xxx/CVE-2021-25445.json index 9ea29258111..be3a7e3f508 100644 --- a/2021/25xxx/CVE-2021-25445.json +++ b/2021/25xxx/CVE-2021-25445.json @@ -1,18 +1,72 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "mobile.security@samsung.com", "ID": "CVE-2021-25445", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Samsung Internet", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "-", + "version_value": "14.2" + } + ] + } + } + ] + }, + "vendor_name": "Samsung Mobile" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet." } ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-287: Improper Authentication" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=8", + "name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=8" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25446.json b/2021/25xxx/CVE-2021-25446.json index 32b1cc3dc12..e10196b2ec9 100644 --- a/2021/25xxx/CVE-2021-25446.json +++ b/2021/25xxx/CVE-2021-25446.json @@ -1,18 +1,72 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "mobile.security@samsung.com", "ID": "CVE-2021-25446", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Smart Things", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "-", + "version_value": "1.7.67.25" + } + ] + } + } + ] + }, + "vendor_name": "Samsung Mobile" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview." } ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284 Improper Access Control" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=8", + "name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=8" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25447.json b/2021/25xxx/CVE-2021-25447.json index 6339821f80e..b43ed7896ec 100644 --- a/2021/25xxx/CVE-2021-25447.json +++ b/2021/25xxx/CVE-2021-25447.json @@ -1,18 +1,72 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "mobile.security@samsung.com", "ID": "CVE-2021-25447", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Smart Things", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "-", + "version_value": "1.7.67.25" + } + ] + } + } + ] + }, + "vendor_name": "Samsung Mobile" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview." } ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284 Improper Access Control" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=8", + "name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=8" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/25xxx/CVE-2021-25448.json b/2021/25xxx/CVE-2021-25448.json index 9052e11629a..5bc5e0767de 100644 --- a/2021/25xxx/CVE-2021-25448.json +++ b/2021/25xxx/CVE-2021-25448.json @@ -1,18 +1,72 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "mobile.security@samsung.com", "ID": "CVE-2021-25448", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Smart Touch Call", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "-", + "version_value": "1.0.0.5" + } + ] + } + } + ] + }, + "vendor_name": "Samsung Mobile" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview." } ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284 Improper Access Control" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=8", + "name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=8" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29969.json b/2021/29xxx/CVE-2021-29969.json index e3268741854..9b0228128af 100644 --- a/2021/29xxx/CVE-2021-29969.json +++ b/2021/29xxx/CVE-2021-29969.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29969", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Thunderbird", + "version": { + "version_data": [ + { + "version_value": "78.12", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMAP server responses sent by a MITM prior to STARTTLS could be processed" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-30/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-30/" + }, + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1682370", + "refsource": "MISC", + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1682370" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn't exist on the IMAP server. This vulnerability affects Thunderbird < 78.12." } ] } diff --git a/2021/29xxx/CVE-2021-29970.json b/2021/29xxx/CVE-2021-29970.json index 09eb1125b42..6d156368a23 100644 --- a/2021/29xxx/CVE-2021-29970.json +++ b/2021/29xxx/CVE-2021-29970.json @@ -4,14 +4,96 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29970", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Thunderbird", + "version": { + "version_data": [ + { + "version_value": "78.12", + "version_affected": "<" + } + ] + } + }, + { + "product_name": "Firefox ESR", + "version": { + "version_data": [ + { + "version_value": "78.12", + "version_affected": "<" + } + ] + } + }, + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_value": "90", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use-after-free in accessibility features of a document" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-28/" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-30/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-30/" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-29/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-29/" + }, + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1709976", + "refsource": "MISC", + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1709976" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.*. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90." } ] } diff --git a/2021/29xxx/CVE-2021-29971.json b/2021/29xxx/CVE-2021-29971.json index 62e1ba126e1..5f35395bf24 100644 --- a/2021/29xxx/CVE-2021-29971.json +++ b/2021/29xxx/CVE-2021-29971.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29971", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_value": "90", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Granted permissions only compared host; omitting scheme and port on Android" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-28/" + }, + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1713638", + "refsource": "MISC", + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1713638" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 90." } ] } diff --git a/2021/29xxx/CVE-2021-29972.json b/2021/29xxx/CVE-2021-29972.json index df356d7c2d9..1762675df8a 100644 --- a/2021/29xxx/CVE-2021-29972.json +++ b/2021/29xxx/CVE-2021-29972.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29972", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_value": "90", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use of out-of-date library included use-after-free vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-28/" + }, + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1696816", + "refsource": "MISC", + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1696816" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library. Updating the library resolved the issue, and may have remediated other, unknown security vulnerabilities as well. This vulnerability affects Firefox < 90." } ] } diff --git a/2021/29xxx/CVE-2021-29973.json b/2021/29xxx/CVE-2021-29973.json index f8efaab4b58..ed40df50529 100644 --- a/2021/29xxx/CVE-2021-29973.json +++ b/2021/29xxx/CVE-2021-29973.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29973", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_value": "90", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Password autofill on HTTP websites was enabled without user interaction on Android" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-28/" + }, + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1701932", + "refsource": "MISC", + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1701932" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user's password would be entered by the browser's autofill functionality *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 90." } ] } diff --git a/2021/29xxx/CVE-2021-29974.json b/2021/29xxx/CVE-2021-29974.json index 7b302ea963e..447351ca116 100644 --- a/2021/29xxx/CVE-2021-29974.json +++ b/2021/29xxx/CVE-2021-29974.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29974", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_value": "90", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "HSTS errors could be overridden when network partitioning was enabled" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-28/" + }, + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1704843", + "refsource": "MISC", + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1704843" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "When network partitioning was enabled, e.g. as a result of Enhanced Tracking Protection settings, a TLS error page would allow the user to override an error on a domain which had specified HTTP Strict Transport Security (which implies that the error should not be override-able.) This issue did not affect the network connections, and they were correctly upgraded to HTTPS automatically. This vulnerability affects Firefox < 90." } ] } diff --git a/2021/29xxx/CVE-2021-29975.json b/2021/29xxx/CVE-2021-29975.json index a312e2fc5b5..7c1c0dbb463 100644 --- a/2021/29xxx/CVE-2021-29975.json +++ b/2021/29xxx/CVE-2021-29975.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29975", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_value": "90", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Text message could be overlaid on top of another website" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-28/" + }, + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1713259", + "refsource": "MISC", + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1713259" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain (with the new domain correctly shown in the address bar) resulting in possible user confusion. This vulnerability affects Firefox < 90." } ] } diff --git a/2021/29xxx/CVE-2021-29976.json b/2021/29xxx/CVE-2021-29976.json index 70335b39a3a..7882436b06a 100644 --- a/2021/29xxx/CVE-2021-29976.json +++ b/2021/29xxx/CVE-2021-29976.json @@ -4,14 +4,96 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29976", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Thunderbird", + "version": { + "version_data": [ + { + "version_value": "78.12", + "version_affected": "<" + } + ] + } + }, + { + "product_name": "Firefox ESR", + "version": { + "version_data": [ + { + "version_value": "78.12", + "version_affected": "<" + } + ] + } + }, + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_value": "90", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Memory safety bugs fixed in Thunderbird 78.12" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-28/" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-30/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-30/" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-29/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-29/" + }, + { + "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1700895%2C1703334%2C1706910%2C1711576%2C1714391", + "refsource": "MISC", + "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1700895%2C1703334%2C1706910%2C1711576%2C1714391" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90." } ] } diff --git a/2021/29xxx/CVE-2021-29977.json b/2021/29xxx/CVE-2021-29977.json index 90ebef4258e..390d8b2070c 100644 --- a/2021/29xxx/CVE-2021-29977.json +++ b/2021/29xxx/CVE-2021-29977.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29977", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_value": "90", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Memory safety bugs fixed in Firefox 90" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-28/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-28/" + }, + { + "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1665836%2C1686138%2C1704316%2C1706314%2C1709931%2C1712084%2C1712357%2C1714066", + "refsource": "MISC", + "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1665836%2C1686138%2C1704316%2C1706314%2C1709931%2C1712084%2C1712357%2C1714066" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Mozilla developers reported memory safety bugs present in Firefox 89. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 90." } ] } diff --git a/2021/29xxx/CVE-2021-29978.json b/2021/29xxx/CVE-2021-29978.json index ed3fb85f8be..e39a491a7a2 100644 --- a/2021/29xxx/CVE-2021-29978.json +++ b/2021/29xxx/CVE-2021-29978.json @@ -4,14 +4,129 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-29978", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@mozilla.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Mozilla VPN", + "version": { + "version_data": [ + { + "version_value": "2.3", + "version_affected": "<" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Multiple low security issues were discovered in a security audit of Mozilla VPN 2.0 branch" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mozilla.org/security/advisories/mfsa2021-31/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2021-31/" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/797", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/797" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/798", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/798" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/799", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/799" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/800", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/800" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/801", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/801" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/803", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/803" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/804", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/804" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/805", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/805" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/806", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/806" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/808", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/808" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/809", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/809" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/810", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/810" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/812", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/issues/812" + }, + { + "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/816", + "refsource": "MISC", + "name": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/816" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple low security issues were discovered and fixed in a security audit of Mozilla VPN 2.x branch as part of a 3rd party security audit. This vulnerability affects Mozilla VPN < 2.3." } ] } diff --git a/2021/32xxx/CVE-2021-32577.json b/2021/32xxx/CVE-2021-32577.json index edced7bdebf..7b7a756f1bd 100644 --- a/2021/32xxx/CVE-2021-32577.json +++ b/2021/32xxx/CVE-2021-32577.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-32577", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-32577", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://kb.acronis.com/content/68413", + "refsource": "MISC", + "name": "https://kb.acronis.com/content/68413" } ] } diff --git a/2021/32xxx/CVE-2021-32578.json b/2021/32xxx/CVE-2021-32578.json index f34895b9706..e6da279fee8 100644 --- a/2021/32xxx/CVE-2021-32578.json +++ b/2021/32xxx/CVE-2021-32578.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-32578", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-32578", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to improper soft link handling (issue 2 of 2)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://kb.acronis.com/content/68419", + "refsource": "MISC", + "name": "https://kb.acronis.com/content/68419" } ] } diff --git a/2021/32xxx/CVE-2021-32581.json b/2021/32xxx/CVE-2021-32581.json index d413f86245c..9c42a283b62 100644 --- a/2021/32xxx/CVE-2021-32581.json +++ b/2021/32xxx/CVE-2021-32581.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-32581", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-32581", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://kb.acronis.com/content/68419", + "refsource": "MISC", + "name": "https://kb.acronis.com/content/68419" + }, + { + "url": "https://kb.acronis.com/content/68413", + "refsource": "MISC", + "name": "https://kb.acronis.com/content/68413" + }, + { + "url": "https://kb.acronis.com/content/68648", + "refsource": "MISC", + "name": "https://kb.acronis.com/content/68648" } ] } diff --git a/2021/33xxx/CVE-2021-33596.json b/2021/33xxx/CVE-2021-33596.json index be72561f0e7..f04187f5fa9 100644 --- a/2021/33xxx/CVE-2021-33596.json +++ b/2021/33xxx/CVE-2021-33596.json @@ -1,18 +1,99 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve-notifications-us@f-secure.com", "ID": "CVE-2021-33596", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Fake Apple login prompt in F-Secure SAFE browser for iOS" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "F-Secure Mobile Security", + "version": { + "version_data": [ + { + "platform": "iOS", + "version_affected": "<", + "version_name": "18.3x", + "version_value": "18.4x" + } + ] + } + } + ] + }, + "vendor_name": "F-Secure" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL containing an embedded malicious redirect while using F-Secure Safe Browser for iOS." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Fake Apple login prompt in F-Secure SAFE browser for iOS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame", + "name": "https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame" + }, + { + "refsource": "MISC", + "url": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories", + "name": "https://www.f-secure.com/en/business/support-and-downloads/security-advisories" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Upgrade to version 18.4.x or newer from the App Store " + } + ], + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34371.json b/2021/34xxx/CVE-2021-34371.json index cacb9c81ad5..adefb125f00 100644 --- a/2021/34xxx/CVE-2021-34371.json +++ b/2021/34xxx/CVE-2021-34371.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-34371", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-34371", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. An attacker can abuse this for remote code execution because there are dependencies with exploitable gadget chains." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/50170", + "url": "https://www.exploit-db.com/exploits/50170" } ] } diff --git a/2021/34xxx/CVE-2021-34631.json b/2021/34xxx/CVE-2021-34631.json index 7d1452170a0..652220a2a5a 100644 --- a/2021/34xxx/CVE-2021-34631.json +++ b/2021/34xxx/CVE-2021-34631.json @@ -1,18 +1,101 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "AKA": "Wordfence", + "ASSIGNER": "security@wordfence.com", + "DATE_PUBLIC": "2021-07-21T15:18:00.000Z", "ID": "CVE-2021-34631", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "NewsPlugin <= 1.0.18 - Cross-Site Request Forgery to Stored Cross-Site Scripting" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NewsPlugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.0.18", + "version_value": "1.0.18" + } + ] + } + } + ] + }, + "vendor_name": "NewsPlugin" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Taichi Ichimura, Cryptography Laboratory in Tokyo Denki University" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The NewsPlugin WordPress plugin is vulnerable to Cross-Site Request Forgery via the handle_save_style function found in the ~/news-plugin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.18." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2021-34631", + "name": "https://www.wordfence.com/vulnerability-advisories/#CVE-2021-34631" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Uninstall the plugin from WordPress site. " + } + ], + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/35xxx/CVE-2021-35306.json b/2021/35xxx/CVE-2021-35306.json index 381b05f86a0..90538505208 100644 --- a/2021/35xxx/CVE-2021-35306.json +++ b/2021/35xxx/CVE-2021-35306.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-35306", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-35306", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the function AP4_StszAtom::WriteFields located in Ap4StszAtom.cpp. It allows an attacker to cause a denial of service (DOS)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/axiomatic-systems/Bento4/issues/615", + "refsource": "MISC", + "name": "https://github.com/axiomatic-systems/Bento4/issues/615" } ] } diff --git a/2021/35xxx/CVE-2021-35307.json b/2021/35xxx/CVE-2021-35307.json index 209ae89163c..147aa32a2df 100644 --- a/2021/35xxx/CVE-2021-35307.json +++ b/2021/35xxx/CVE-2021-35307.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-35307", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-35307", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/axiomatic-systems/Bento4/issues/616", + "refsource": "MISC", + "name": "https://github.com/axiomatic-systems/Bento4/issues/616" } ] } diff --git a/2021/36xxx/CVE-2021-36584.json b/2021/36xxx/CVE-2021-36584.json index 862f2b313ec..e3ec8302fef 100644 --- a/2021/36xxx/CVE-2021-36584.json +++ b/2021/36xxx/CVE-2021-36584.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-36584", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-36584", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial of service (DOS)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gpac/gpac/issues/1842", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/1842" } ] } diff --git a/2021/37xxx/CVE-2021-37614.json b/2021/37xxx/CVE-2021-37614.json index 912952b1026..5b68bb2cedf 100644 --- a/2021/37xxx/CVE-2021-37614.json +++ b/2021/37xxx/CVE-2021-37614.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-37614", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-37614", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In certain Progress MOVEit Transfer versions before 2021.0.3 (aka 13.0.3), SQL injection in the MOVEit Transfer web application could allow an authenticated remote attacker to gain access to the database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, or execute SQL statements that alter or delete database elements, via crafted strings sent to unique MOVEit Transfer transaction types. The fixed versions are 2019.0.7 (11.0.7), 2019.1.6 (11.1.6), 2019.2.3 (11.2.3), 2020.0.6 (12.0.6), 2020.1.5 (12.1.5), and 2021.0.3 (13.0.3)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-August-2021", + "url": "https://community.progress.com/s/article/MOVEit-Transfer-Vulnerability-August-2021" + }, + { + "refsource": "MISC", + "name": "https://docs.ipswitch.com/MOVEit/Transfer2019/ReleaseNotes/en/index.htm#48648.htm", + "url": "https://docs.ipswitch.com/MOVEit/Transfer2019/ReleaseNotes/en/index.htm#48648.htm" + }, + { + "refsource": "MISC", + "name": "https://docs.ipswitch.com/MOVEit/Transfer2021/ReleaseNotes/en/index.htm#link8", + "url": "https://docs.ipswitch.com/MOVEit/Transfer2021/ReleaseNotes/en/index.htm#link8" + }, + { + "refsource": "MISC", + "name": "https://docs.ipswitch.com/MOVEit/Transfer2020/ReleaseNotes/en/index.htm#50951.htm", + "url": "https://docs.ipswitch.com/MOVEit/Transfer2020/ReleaseNotes/en/index.htm#50951.htm" } ] } diff --git a/2021/37xxx/CVE-2021-37859.json b/2021/37xxx/CVE-2021-37859.json index 3df7f9be2cf..48d61a8182c 100644 --- a/2021/37xxx/CVE-2021-37859.json +++ b/2021/37xxx/CVE-2021-37859.json @@ -1,18 +1,101 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "responsibledisclosure@mattermost.com", "ID": "CVE-2021-37859", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Reflected XSS in OAuth Flow" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Mattermost ", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "5.32.0", + "version_value": "5.36.0" + }, + { + "version_affected": "!", + "version_name": "5.34.5", + "version_value": "5.34.5" + }, + { + "version_affected": "!", + "version_name": "5.35.4", + "version_value": "5.35.4" + } + ] + } + } + ] + }, + "vendor_name": "Mattermost " + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Fixed a bypass for a reflected cross-site scripting vulnerability affecting OAuth-enabled instances of Mattermost." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://mattermost.com/security-updates/", + "name": "https://mattermost.com/security-updates/" + } + ] + }, + "source": { + "advisory": "MMSA-2021-0055", + "defect": [ + "https://mattermost.atlassian.net/browse/MM-36249" + ], + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38143.json b/2021/38xxx/CVE-2021-38143.json new file mode 100644 index 00000000000..2ed2b9eef0b --- /dev/null +++ b/2021/38xxx/CVE-2021-38143.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38143", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38144.json b/2021/38xxx/CVE-2021-38144.json new file mode 100644 index 00000000000..e05aedf7a2d --- /dev/null +++ b/2021/38xxx/CVE-2021-38144.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38144", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38145.json b/2021/38xxx/CVE-2021-38145.json new file mode 100644 index 00000000000..5144b60f35a --- /dev/null +++ b/2021/38xxx/CVE-2021-38145.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38145", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38146.json b/2021/38xxx/CVE-2021-38146.json new file mode 100644 index 00000000000..9a67944a084 --- /dev/null +++ b/2021/38xxx/CVE-2021-38146.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38146", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38147.json b/2021/38xxx/CVE-2021-38147.json new file mode 100644 index 00000000000..d6ccac690a0 --- /dev/null +++ b/2021/38xxx/CVE-2021-38147.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-38147", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3679.json b/2021/3xxx/CVE-2021-3679.json index d921fb1f274..f9ba7a3dd85 100644 --- a/2021/3xxx/CVE-2021-3679.json +++ b/2021/3xxx/CVE-2021-3679.json @@ -4,14 +4,63 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3679", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "kernel", + "version": { + "version_data": [ + { + "version_value": "kernel 5.14-rc3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1989165", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989165" + }, + { + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67f0d6d9883c13174669f88adac4f0ee656cc16a", + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67f0d6d9883c13174669f88adac4f0ee656cc16a" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service." } ] } diff --git a/2021/3xxx/CVE-2021-3682.json b/2021/3xxx/CVE-2021-3682.json index 94ee249b5d1..e5921d0e9ae 100644 --- a/2021/3xxx/CVE-2021-3682.json +++ b/2021/3xxx/CVE-2021-3682.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3682", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "QEMU", + "version": { + "version_data": [ + { + "version_value": "qemu 6.1.0-rc2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-763" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1989651", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989651" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host." } ] }