From 999536c0fe364f145e961d48cbaa46ee412d13f6 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 18 Mar 2022 07:01:16 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/45xxx/CVE-2021-45868.json | 76 +++++++++++++++++++++++++++++++--- 2022/26xxx/CVE-2022-26965.json | 61 ++++++++++++++++++++++++--- 2022/27xxx/CVE-2022-27191.json | 61 ++++++++++++++++++++++++--- 3 files changed, 180 insertions(+), 18 deletions(-) diff --git a/2021/45xxx/CVE-2021-45868.json b/2021/45xxx/CVE-2021-45868.json index bb9e8fb6327..06b718a6c3d 100644 --- a/2021/45xxx/CVE-2021-45868.json +++ b/2021/45xxx/CVE-2021-45868.json @@ -1,17 +1,81 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-45868", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-45868", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugzilla.kernel.org/show_bug.cgi?id=214655", + "refsource": "MISC", + "name": "https://bugzilla.kernel.org/show_bug.cgi?id=214655" + }, + { + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9bf3d20331295b1ecb81f4ed9ef358c51699a050", + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9bf3d20331295b1ecb81f4ed9ef358c51699a050" + }, + { + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2022/03/17/2", + "url": "https://www.openwall.com/lists/oss-security/2022/03/17/2" + }, + { + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2022/03/17/1", + "url": "https://www.openwall.com/lists/oss-security/2022/03/17/1" + }, + { + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.3", + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.3" } ] } diff --git a/2022/26xxx/CVE-2022-26965.json b/2022/26xxx/CVE-2022-26965.json index c842ebc9381..e8f11078b90 100644 --- a/2022/26xxx/CVE-2022-26965.json +++ b/2022/26xxx/CVE-2022-26965.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-26965", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-26965", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://youtu.be/sN6J_X4mEbY", + "refsource": "MISC", + "name": "https://youtu.be/sN6J_X4mEbY" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/166336/Pluck-CMS-4.7.16-Shell-Upload.html", + "url": "https://packetstormsecurity.com/files/166336/Pluck-CMS-4.7.16-Shell-Upload.html" } ] } diff --git a/2022/27xxx/CVE-2022-27191.json b/2022/27xxx/CVE-2022-27191.json index e96fdd72d03..7e20abc8249 100644 --- a/2022/27xxx/CVE-2022-27191.json +++ b/2022/27xxx/CVE-2022-27191.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-27191", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-27191", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "golang.org/x/crypto/ssh before 0.0.0-20220314234659-1baeb1ce4c0b in Go through 1.16.15 and 1.17.x through 1.17.8 allows an attacker to crash a server in certain circumstances involving AddHostKey." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://groups.google.com/g/golang-announce", + "refsource": "MISC", + "name": "https://groups.google.com/g/golang-announce" + }, + { + "refsource": "CONFIRM", + "name": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s", + "url": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s" } ] }