From 9d11578db0a65ac30b47c55e450757830ee0dd83 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 25 Oct 2023 17:34:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/1003xxx/CVE-2019-1003031.json | 77 +++++++++++++------------ 2019/1003xxx/CVE-2019-1003032.json | 71 ++++++++++++----------- 2019/1003xxx/CVE-2019-1003033.json | 71 ++++++++++++----------- 2019/1003xxx/CVE-2019-1003034.json | 77 +++++++++++++------------ 2019/1003xxx/CVE-2019-1003035.json | 71 ++++++++++++----------- 2019/1003xxx/CVE-2019-1003036.json | 71 ++++++++++++----------- 2019/1003xxx/CVE-2019-1003037.json | 71 ++++++++++++----------- 2019/1003xxx/CVE-2019-1003038.json | 71 ++++++++++++----------- 2019/1003xxx/CVE-2019-1003039.json | 71 ++++++++++++----------- 2019/1003xxx/CVE-2019-1003040.json | 75 +++++++++++++------------ 2019/1003xxx/CVE-2019-1003041.json | 75 +++++++++++++------------ 2019/10xxx/CVE-2019-10459.json | 65 ++++++++++----------- 2019/10xxx/CVE-2019-10460.json | 65 ++++++++++----------- 2019/10xxx/CVE-2019-10461.json | 65 ++++++++++----------- 2019/10xxx/CVE-2019-10462.json | 67 +++++++++++----------- 2019/10xxx/CVE-2019-10463.json | 67 +++++++++++----------- 2019/10xxx/CVE-2019-10464.json | 65 ++++++++++----------- 2019/10xxx/CVE-2019-10465.json | 65 ++++++++++----------- 2019/10xxx/CVE-2019-10466.json | 65 ++++++++++----------- 2019/10xxx/CVE-2019-10467.json | 65 ++++++++++----------- 2019/10xxx/CVE-2019-10468.json | 67 +++++++++++----------- 2019/10xxx/CVE-2019-10469.json | 67 +++++++++++----------- 2019/10xxx/CVE-2019-10470.json | 67 +++++++++++----------- 2019/10xxx/CVE-2019-10471.json | 67 +++++++++++----------- 2019/10xxx/CVE-2019-10472.json | 67 +++++++++++----------- 2019/10xxx/CVE-2019-10473.json | 67 +++++++++++----------- 2019/10xxx/CVE-2019-10474.json | 65 ++++++++++----------- 2020/2xxx/CVE-2020-2146.json | 67 +++++++++++----------- 2020/2xxx/CVE-2020-2147.json | 67 +++++++++++----------- 2020/2xxx/CVE-2020-2148.json | 67 +++++++++++----------- 2020/2xxx/CVE-2020-2149.json | 85 ++++++++++++++++------------ 2020/2xxx/CVE-2020-2150.json | 85 ++++++++++++++++------------ 2020/2xxx/CVE-2020-2151.json | 85 ++++++++++++++++------------ 2020/2xxx/CVE-2020-2152.json | 85 ++++++++++++++++------------ 2020/2xxx/CVE-2020-2153.json | 85 ++++++++++++++++------------ 2020/2xxx/CVE-2020-2154.json | 85 ++++++++++++++++------------ 2020/2xxx/CVE-2020-2155.json | 85 ++++++++++++++++------------ 2020/2xxx/CVE-2020-2156.json | 85 ++++++++++++++++------------ 2020/2xxx/CVE-2020-2157.json | 85 ++++++++++++++++------------ 2020/2xxx/CVE-2020-2158.json | 85 ++++++++++++++++------------ 2020/2xxx/CVE-2020-2159.json | 85 ++++++++++++++++------------ 2020/2xxx/CVE-2020-2160.json | 71 +++++++++++------------ 2020/2xxx/CVE-2020-2161.json | 71 +++++++++++------------ 2020/2xxx/CVE-2020-2162.json | 71 +++++++++++------------ 2022/28xxx/CVE-2022-28143.json | 67 +++++++++++----------- 2022/28xxx/CVE-2022-28144.json | 67 +++++++++++----------- 2022/28xxx/CVE-2022-28145.json | 67 +++++++++++----------- 2022/28xxx/CVE-2022-28146.json | 67 +++++++++++----------- 2022/28xxx/CVE-2022-28147.json | 67 +++++++++++----------- 2022/28xxx/CVE-2022-28148.json | 67 +++++++++++----------- 2022/28xxx/CVE-2022-28149.json | 85 ++++++++++++++++------------ 2022/28xxx/CVE-2022-28150.json | 87 ++++++++++++++++------------- 2022/28xxx/CVE-2022-28151.json | 87 ++++++++++++++++------------- 2022/28xxx/CVE-2022-28152.json | 87 ++++++++++++++++------------- 2022/28xxx/CVE-2022-28153.json | 85 ++++++++++++++++------------ 2022/28xxx/CVE-2022-28154.json | 85 ++++++++++++++++------------ 2022/28xxx/CVE-2022-28155.json | 85 ++++++++++++++++------------ 2022/28xxx/CVE-2022-28156.json | 85 ++++++++++++++++------------ 2022/28xxx/CVE-2022-28157.json | 85 ++++++++++++++++------------ 2022/28xxx/CVE-2022-28158.json | 85 ++++++++++++++++------------ 2022/28xxx/CVE-2022-28159.json | 85 ++++++++++++++++------------ 2022/43xxx/CVE-2022-43430.json | 85 ++++++++++++++++------------ 2022/43xxx/CVE-2022-43431.json | 85 ++++++++++++++++------------ 2022/43xxx/CVE-2022-43432.json | 85 ++++++++++++++++------------ 2022/43xxx/CVE-2022-43433.json | 85 ++++++++++++++++------------ 2022/43xxx/CVE-2022-43434.json | 85 ++++++++++++++++------------ 2022/43xxx/CVE-2022-43435.json | 85 ++++++++++++++++------------ 2022/45xxx/CVE-2022-45379.json | 82 ++++++++++++++++----------- 2022/45xxx/CVE-2022-45380.json | 90 +++++++++++++++++------------- 2022/45xxx/CVE-2022-45381.json | 66 ++++++++++++---------- 2022/45xxx/CVE-2022-45382.json | 66 ++++++++++++---------- 2022/45xxx/CVE-2022-45383.json | 82 ++++++++++++++++----------- 2022/45xxx/CVE-2022-45384.json | 66 ++++++++++++---------- 2022/45xxx/CVE-2022-45385.json | 82 ++++++++++++++++----------- 2022/45xxx/CVE-2022-45386.json | 84 +++++++++++++++++----------- 2022/45xxx/CVE-2022-45387.json | 84 +++++++++++++++++----------- 2022/45xxx/CVE-2022-45388.json | 84 +++++++++++++++++----------- 2022/45xxx/CVE-2022-45389.json | 84 +++++++++++++++++----------- 2022/46xxx/CVE-2022-46836.json | 5 ++ 2022/47xxx/CVE-2022-47002.json | 8 +-- 2022/47xxx/CVE-2022-47909.json | 7 ++- 2022/48xxx/CVE-2022-48321.json | 5 ++ 2023/24xxx/CVE-2023-24422.json | 75 ++++++++++++++----------- 2023/24xxx/CVE-2023-24423.json | 59 ++++++++++---------- 2023/24xxx/CVE-2023-24424.json | 59 ++++++++++---------- 2023/24xxx/CVE-2023-24425.json | 59 ++++++++++---------- 2023/24xxx/CVE-2023-24426.json | 59 ++++++++++---------- 2023/24xxx/CVE-2023-24427.json | 59 ++++++++++---------- 2023/45xxx/CVE-2023-45833.json | 85 ++++++++++++++++++++++++++-- 2023/45xxx/CVE-2023-45835.json | 85 ++++++++++++++++++++++++++-- 2023/46xxx/CVE-2023-46010.json | 61 ++++++++++++++++++-- 2023/46xxx/CVE-2023-46369.json | 56 +++++++++++++++++-- 2023/46xxx/CVE-2023-46370.json | 56 +++++++++++++++++-- 2023/46xxx/CVE-2023-46371.json | 56 +++++++++++++++++-- 2023/46xxx/CVE-2023-46373.json | 56 +++++++++++++++++-- 95 files changed, 3821 insertions(+), 2958 deletions(-) diff --git a/2019/1003xxx/CVE-2019-1003031.json b/2019/1003xxx/CVE-2019-1003031.json index dee85f06217..ca273fd554f 100644 --- a/2019/1003xxx/CVE-2019-1003031.json +++ b/2019/1003xxx/CVE-2019-1003031.json @@ -1,37 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "DATE_ASSIGNED": "2019-03-06T22:44:37.384911", "ID": "CVE-2019-1003031", - "REQUESTER": "ml@beckweb.net", + "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jenkins Matrix Project Plugin", - "version": { - "version_data": [ - { - "version_value": "1.13 and earlier" - } - ] - } - } - ] - }, - "vendor_name": "Jenkins project" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -46,28 +21,52 @@ "description": [ { "lang": "eng", - "value": "CWE-693" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Matrix Project Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.13 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339", - "refsource": "CONFIRM", - "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339" + "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339" }, { - "refsource": "BID", - "name": "107476", - "url": "http://www.securityfocus.com/bid/107476" + "url": "http://www.securityfocus.com/bid/107476", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/107476" }, { - "refsource": "REDHAT", - "name": "RHSA-2019:0739", - "url": "https://access.redhat.com/errata/RHSA-2019:0739" + "url": "https://access.redhat.com/errata/RHSA-2019:0739", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2019:0739" } ] } diff --git a/2019/1003xxx/CVE-2019-1003032.json b/2019/1003xxx/CVE-2019-1003032.json index e06f3fd2da0..888626d945f 100644 --- a/2019/1003xxx/CVE-2019-1003032.json +++ b/2019/1003xxx/CVE-2019-1003032.json @@ -1,37 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "DATE_ASSIGNED": "2019-03-06T22:44:37.385288", "ID": "CVE-2019-1003032", - "REQUESTER": "ml@beckweb.net", + "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jenkins Email Extension Plugin", - "version": { - "version_data": [ - { - "version_value": "2.64 and earlier" - } - ] - } - } - ] - }, - "vendor_name": "Jenkins project" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -46,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-693" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Email Extension Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.64 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340", - "refsource": "CONFIRM", - "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340" + "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340" }, { - "refsource": "BID", - "name": "107476", - "url": "http://www.securityfocus.com/bid/107476" + "url": "http://www.securityfocus.com/bid/107476", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/107476" } ] } diff --git a/2019/1003xxx/CVE-2019-1003033.json b/2019/1003xxx/CVE-2019-1003033.json index b8aa2762096..eb320667db5 100644 --- a/2019/1003xxx/CVE-2019-1003033.json +++ b/2019/1003xxx/CVE-2019-1003033.json @@ -1,37 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "DATE_ASSIGNED": "2019-03-06T22:44:37.385701", "ID": "CVE-2019-1003033", - "REQUESTER": "ml@beckweb.net", + "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jenkins Groovy Plugin", - "version": { - "version_data": [ - { - "version_value": "2.1 and earlier" - } - ] - } - } - ] - }, - "vendor_name": "Jenkins project" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -46,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-693" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Groovy Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.1 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1338", - "refsource": "CONFIRM", - "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1338" + "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1338", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1338" }, { - "refsource": "BID", - "name": "107476", - "url": "http://www.securityfocus.com/bid/107476" + "url": "http://www.securityfocus.com/bid/107476", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/107476" } ] } diff --git a/2019/1003xxx/CVE-2019-1003034.json b/2019/1003xxx/CVE-2019-1003034.json index e4f44f7c42b..f9bd1605742 100644 --- a/2019/1003xxx/CVE-2019-1003034.json +++ b/2019/1003xxx/CVE-2019-1003034.json @@ -1,37 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "DATE_ASSIGNED": "2019-03-06T22:44:37.386102", "ID": "CVE-2019-1003034", - "REQUESTER": "ml@beckweb.net", + "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jenkins Job DSL Plugin", - "version": { - "version_data": [ - { - "version_value": "1.71 and earlier" - } - ] - } - } - ] - }, - "vendor_name": "Jenkins project" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -46,28 +21,52 @@ "description": [ { "lang": "eng", - "value": "CWE-693" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Job DSL Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.71 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1342", - "refsource": "CONFIRM", - "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1342" + "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1342", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1342" }, { - "refsource": "BID", - "name": "107476", - "url": "http://www.securityfocus.com/bid/107476" + "url": "http://www.securityfocus.com/bid/107476", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/107476" }, { - "refsource": "REDHAT", - "name": "RHSA-2019:0739", - "url": "https://access.redhat.com/errata/RHSA-2019:0739" + "url": "https://access.redhat.com/errata/RHSA-2019:0739", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2019:0739" } ] } diff --git a/2019/1003xxx/CVE-2019-1003035.json b/2019/1003xxx/CVE-2019-1003035.json index 05976140337..a7ac82f2951 100644 --- a/2019/1003xxx/CVE-2019-1003035.json +++ b/2019/1003xxx/CVE-2019-1003035.json @@ -1,37 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "DATE_ASSIGNED": "2019-03-06T22:44:37.386559", "ID": "CVE-2019-1003035", - "REQUESTER": "ml@beckweb.net", + "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jenkins Azure VM Agents Plugin", - "version": { - "version_data": [ - { - "version_value": "0.8.0 and earlier" - } - ] - } - } - ] - }, - "vendor_name": "Jenkins project" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -46,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-285, CWE-201" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Azure VM Agents Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.8.0 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1330", - "refsource": "CONFIRM", - "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1330" + "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1330", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1330" }, { - "refsource": "BID", - "name": "107476", - "url": "http://www.securityfocus.com/bid/107476" + "url": "http://www.securityfocus.com/bid/107476", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/107476" } ] } diff --git a/2019/1003xxx/CVE-2019-1003036.json b/2019/1003xxx/CVE-2019-1003036.json index cfa4b946ac8..effaeec3eba 100644 --- a/2019/1003xxx/CVE-2019-1003036.json +++ b/2019/1003xxx/CVE-2019-1003036.json @@ -1,37 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "DATE_ASSIGNED": "2019-03-06T22:44:37.386888", "ID": "CVE-2019-1003036", - "REQUESTER": "ml@beckweb.net", + "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jenkins Azure VM Agents Plugin", - "version": { - "version_data": [ - { - "version_value": "0.8.0 and earlier" - } - ] - } - } - ] - }, - "vendor_name": "Jenkins project" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -46,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-285, CWE-352" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Azure VM Agents Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.8.0 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1331", - "refsource": "CONFIRM", - "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1331" + "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1331", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1331" }, { - "refsource": "BID", - "name": "107476", - "url": "http://www.securityfocus.com/bid/107476" + "url": "http://www.securityfocus.com/bid/107476", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/107476" } ] } diff --git a/2019/1003xxx/CVE-2019-1003037.json b/2019/1003xxx/CVE-2019-1003037.json index b12b28eca1d..782e2cda808 100644 --- a/2019/1003xxx/CVE-2019-1003037.json +++ b/2019/1003xxx/CVE-2019-1003037.json @@ -1,37 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "DATE_ASSIGNED": "2019-03-06T22:44:37.387239", "ID": "CVE-2019-1003037", - "REQUESTER": "ml@beckweb.net", + "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jenkins Azure VM Agents Plugin", - "version": { - "version_data": [ - { - "version_value": "0.8.0 and earlier" - } - ] - } - } - ] - }, - "vendor_name": "Jenkins project" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -46,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-285, CWE-201" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Azure VM Agents Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.8.0 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1332", - "refsource": "CONFIRM", - "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1332" + "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1332", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1332" }, { - "refsource": "BID", - "name": "107476", - "url": "http://www.securityfocus.com/bid/107476" + "url": "http://www.securityfocus.com/bid/107476", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/107476" } ] } diff --git a/2019/1003xxx/CVE-2019-1003038.json b/2019/1003xxx/CVE-2019-1003038.json index 796dce7a02d..aad5c4da8be 100644 --- a/2019/1003xxx/CVE-2019-1003038.json +++ b/2019/1003xxx/CVE-2019-1003038.json @@ -1,37 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "DATE_ASSIGNED": "2019-03-06T22:44:37.387698", "ID": "CVE-2019-1003038", - "REQUESTER": "ml@beckweb.net", + "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Jenkins Repository Connector Plugin", - "version": { - "version_data": [ - { - "version_value": "1.2.4 and earlier" - } - ] - } - } - ] - }, - "vendor_name": "Jenkins project" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -46,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-522" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Repository Connector Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.2.4 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-958", - "refsource": "CONFIRM", - "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-958" + "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-958", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-958" }, { - "refsource": "BID", - "name": "107476", - "url": "http://www.securityfocus.com/bid/107476" + "url": "http://www.securityfocus.com/bid/107476", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/107476" } ] } diff --git a/2019/1003xxx/CVE-2019-1003039.json b/2019/1003xxx/CVE-2019-1003039.json index 334f90fb11f..5c37194d059 100644 --- a/2019/1003xxx/CVE-2019-1003039.json +++ b/2019/1003xxx/CVE-2019-1003039.json @@ -1,37 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "jenkinsci-cert@googlegroups.com", - "DATE_ASSIGNED": "2019-03-06T22:44:37.388179", "ID": "CVE-2019-1003039", - "REQUESTER": "ml@beckweb.net", + "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "JenkinsAppDynamics Dashboard Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0.14 and earlier" - } - ] - } - } - ] - }, - "vendor_name": "Jenkins project" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -46,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-522" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "JenkinsAppDynamics Dashboard Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0.14 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1087", - "refsource": "CONFIRM", - "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1087" + "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1087", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1087" }, { - "refsource": "BID", - "name": "107476", - "url": "http://www.securityfocus.com/bid/107476" + "url": "http://www.securityfocus.com/bid/107476", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/107476" } ] } diff --git a/2019/1003xxx/CVE-2019-1003040.json b/2019/1003xxx/CVE-2019-1003040.json index e05cca3625c..10ae3ca11e4 100644 --- a/2019/1003xxx/CVE-2019-1003040.json +++ b/2019/1003xxx/CVE-2019-1003040.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-1003040", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Script Security Plugin", - "version": { - "version_data": [ - { - "version_value": "1.55 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,32 +21,56 @@ "description": [ { "lang": "eng", - "value": "CWE-265" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Script Security Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.55 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190328 Re: Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/03/28/2" + "url": "http://www.openwall.com/lists/oss-security/2019/03/28/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/03/28/2" }, { - "refsource": "BID", - "name": "107628", - "url": "http://www.securityfocus.com/bid/107628" + "url": "http://www.securityfocus.com/bid/107628", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/107628" }, { - "refsource": "REDHAT", - "name": "RHSA-2019:1423", - "url": "https://access.redhat.com/errata/RHSA-2019:1423" + "url": "https://access.redhat.com/errata/RHSA-2019:1423", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2019:1423" }, { "url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353" } ] diff --git a/2019/1003xxx/CVE-2019-1003041.json b/2019/1003xxx/CVE-2019-1003041.json index ce679da2bf7..b7ae6cb84d3 100644 --- a/2019/1003xxx/CVE-2019-1003041.json +++ b/2019/1003xxx/CVE-2019-1003041.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-1003041", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Pipeline: Groovy Plugin", - "version": { - "version_data": [ - { - "version_value": "2.64 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,32 +21,56 @@ "description": [ { "lang": "eng", - "value": "CWE-265" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Pipeline: Groovy Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.64 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190328 Re: Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/03/28/2" + "url": "http://www.openwall.com/lists/oss-security/2019/03/28/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/03/28/2" }, { - "refsource": "BID", - "name": "107628", - "url": "http://www.securityfocus.com/bid/107628" + "url": "http://www.securityfocus.com/bid/107628", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/107628" }, { - "refsource": "REDHAT", - "name": "RHSA-2019:1423", - "url": "https://access.redhat.com/errata/RHSA-2019:1423" + "url": "https://access.redhat.com/errata/RHSA-2019:1423", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2019:1423" }, { "url": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353" } ] diff --git a/2019/10xxx/CVE-2019-10459.json b/2019/10xxx/CVE-2019-10459.json index 832069b6341..adb33bedeca 100644 --- a/2019/10xxx/CVE-2019-10459.json +++ b/2019/10xxx/CVE-2019-10459.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10459", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Mattermost Notification Plugin", - "version": { - "version_data": [ - { - "version_value": "2.7.0 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-256" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Mattermost Notification Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.7.0 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1628", "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1628", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1628" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10460.json b/2019/10xxx/CVE-2019-10460.json index fe4cf342c3d..58ccf7d4e52 100644 --- a/2019/10xxx/CVE-2019-10460.json +++ b/2019/10xxx/CVE-2019-10460.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10460", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Bitbucket OAuth Plugin", - "version": { - "version_data": [ - { - "version_value": "0.9 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-256" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Bitbucket OAuth Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.9 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1546", "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1546", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1546" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10461.json b/2019/10xxx/CVE-2019-10461.json index eda41f1621b..4b2c3ed70b4 100644 --- a/2019/10xxx/CVE-2019-10461.json +++ b/2019/10xxx/CVE-2019-10461.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10461", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Dynatrace Application Monitoring Plugin", - "version": { - "version_data": [ - { - "version_value": "2.1.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-256" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Dynatrace Application Monitoring Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.1.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1477", "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1477", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1477" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10462.json b/2019/10xxx/CVE-2019-10462.json index 9acaf0a3d11..a55d0d0dfe2 100644 --- a/2019/10xxx/CVE-2019-10462.json +++ b/2019/10xxx/CVE-2019-10462.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10462", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Dynatrace Application Monitoring Plugin", - "version": { - "version_data": [ - { - "version_value": "2.1.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-352" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Dynatrace Application Monitoring Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.1.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1483%20(1)", - "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1483%20(1)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1483%20%281%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1483%20%281%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10463.json b/2019/10xxx/CVE-2019-10463.json index f03a4bb51aa..270334b7ba5 100644 --- a/2019/10xxx/CVE-2019-10463.json +++ b/2019/10xxx/CVE-2019-10463.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10463", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Dynatrace Application Monitoring Plugin", - "version": { - "version_data": [ - { - "version_value": "2.1.4 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-285" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Dynatrace Application Monitoring Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.1.4 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1483%20(2)", - "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1483%20(2)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1483%20%282%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1483%20%282%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10464.json b/2019/10xxx/CVE-2019-10464.json index 6c55ffc4a04..ac8419e0cdd 100644 --- a/2019/10xxx/CVE-2019-10464.json +++ b/2019/10xxx/CVE-2019-10464.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10464", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Deploy WebLogic Plugin", - "version": { - "version_data": [ - { - "version_value": "4.1 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-352" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Deploy WebLogic Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.1 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-820", "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-820", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-820" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10465.json b/2019/10xxx/CVE-2019-10465.json index e60c7589804..ddba8d7a3bd 100644 --- a/2019/10xxx/CVE-2019-10465.json +++ b/2019/10xxx/CVE-2019-10465.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10465", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Deploy WebLogic Plugin", - "version": { - "version_data": [ - { - "version_value": "4.1 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-285" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Deploy WebLogic Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.1 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-820", "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-820", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-820" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10466.json b/2019/10xxx/CVE-2019-10466.json index 5de44506996..5f6536caa1d 100644 --- a/2019/10xxx/CVE-2019-10466.json +++ b/2019/10xxx/CVE-2019-10466.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10466", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins 360 FireLine Plugin", - "version": { - "version_data": [ - { - "version_value": "1.7.2 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-611" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins 360 FireLine Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.7.2 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-822", "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-822", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-822" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10467.json b/2019/10xxx/CVE-2019-10467.json index fa58dfd11d5..7dfa2bd80e5 100644 --- a/2019/10xxx/CVE-2019-10467.json +++ b/2019/10xxx/CVE-2019-10467.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10467", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Sonar Gerrit Plugin", - "version": { - "version_data": [ - { - "version_value": "2.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-256" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Sonar Gerrit Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1003", "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1003", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1003" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10468.json b/2019/10xxx/CVE-2019-10468.json index 9c2e398368d..692ff5507fa 100644 --- a/2019/10xxx/CVE-2019-10468.json +++ b/2019/10xxx/CVE-2019-10468.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10468", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-352" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20(1)", - "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20(1)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20%281%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20%281%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10469.json b/2019/10xxx/CVE-2019-10469.json index 31d8674fe88..8f6f0e2e1d6 100644 --- a/2019/10xxx/CVE-2019-10469.json +++ b/2019/10xxx/CVE-2019-10469.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10469", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-285" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20(1)", - "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20(1)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20%281%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20%281%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10470.json b/2019/10xxx/CVE-2019-10470.json index b0ae6987953..766de297255 100644 --- a/2019/10xxx/CVE-2019-10470.json +++ b/2019/10xxx/CVE-2019-10470.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10470", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-285" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20(2)", - "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20(2)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20%282%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005%20%282%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10471.json b/2019/10xxx/CVE-2019-10471.json index 4bf978066d3..daa5a062750 100644 --- a/2019/10xxx/CVE-2019-10471.json +++ b/2019/10xxx/CVE-2019-10471.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10471", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Libvirt Slaves Plugin", - "version": { - "version_data": [ - { - "version_value": "1.8.5 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-352" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Libvirt Slaves Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.8.5 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20(1)", - "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20(1)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20%281%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20%281%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10472.json b/2019/10xxx/CVE-2019-10472.json index 33e4416d36f..1d330f3b351 100644 --- a/2019/10xxx/CVE-2019-10472.json +++ b/2019/10xxx/CVE-2019-10472.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10472", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Libvirt Slaves Plugin", - "version": { - "version_data": [ - { - "version_value": "1.8.5 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-285" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Libvirt Slaves Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.8.5 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20(1)", - "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20(1)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20%281%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20%281%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10473.json b/2019/10xxx/CVE-2019-10473.json index 2aedb3f114a..b0482643eba 100644 --- a/2019/10xxx/CVE-2019-10473.json +++ b/2019/10xxx/CVE-2019-10473.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10473", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Libvirt Slaves Plugin", - "version": { - "version_data": [ - { - "version_value": "1.8.5 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-285" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Libvirt Slaves Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.8.5 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20(2)", - "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20(2)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20%282%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014%20%282%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2019/10xxx/CVE-2019-10474.json b/2019/10xxx/CVE-2019-10474.json index 328373518d3..ea8e3af08e2 100644 --- a/2019/10xxx/CVE-2019-10474.json +++ b/2019/10xxx/CVE-2019-10474.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10474", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Global Post Script Plugin", - "version": { - "version_data": [ - { - "version_value": "1.1.4 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,23 +21,47 @@ "description": [ { "lang": "eng", - "value": "CWE-285" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Global Post Script Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.1.4 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1073", "url": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1073", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1073" }, { - "refsource": "MLIST", - "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/23/2" } ] } diff --git a/2020/2xxx/CVE-2020-2146.json b/2020/2xxx/CVE-2020-2146.json index 9401c7c56d5..7180f866911 100644 --- a/2020/2xxx/CVE-2020-2146.json +++ b/2020/2xxx/CVE-2020-2146.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2146", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Mac Plugin", - "version": { - "version_data": [ - { - "version_value": "1.1.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-300: Channel Accessible by Non-Endpoint" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Mac Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.1.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1692", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1692", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1692" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2147.json b/2020/2xxx/CVE-2020-2147.json index 516f768f282..26317002e0f 100644 --- a/2020/2xxx/CVE-2020-2147.json +++ b/2020/2xxx/CVE-2020-2147.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2147", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Mac Plugin", - "version": { - "version_data": [ - { - "version_value": "1.1.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Mac Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.1.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1761", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1761", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1761" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2148.json b/2020/2xxx/CVE-2020-2148.json index 8a51a70b2b3..05a4b6ce6b6 100644 --- a/2020/2xxx/CVE-2020-2148.json +++ b/2020/2xxx/CVE-2020-2148.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2148", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Mac Plugin", - "version": { - "version_data": [ - { - "version_value": "1.1.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-285: Improper Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Mac Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.1.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1761", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1761", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1761" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2149.json b/2020/2xxx/CVE-2020-2149.json index 6e7c454dc86..9ba43206d95 100644 --- a/2020/2xxx/CVE-2020-2149.json +++ b/2020/2xxx/CVE-2020-2149.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2149", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Repository Connector Plugin", - "version": { - "version_data": [ - { - "version_value": "1.2.6", - "version_affected": "<=" - }, - { - "version_value": "1.2.6", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-319: Cleartext Transmission of Sensitive Information" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Repository Connector Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.2.6", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.2.6", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1520", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1520", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1520" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2150.json b/2020/2xxx/CVE-2020-2150.json index a4b78653448..2579e08bb69 100644 --- a/2020/2xxx/CVE-2020-2150.json +++ b/2020/2xxx/CVE-2020-2150.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2150", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Sonar Quality Gates Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3.1", - "version_affected": "<=" - }, - { - "version_value": "1.3.1", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-319: Cleartext Transmission of Sensitive Information" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Sonar Quality Gates Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.3.1", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.3.1", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1523", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1523", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1523" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2151.json b/2020/2xxx/CVE-2020-2151.json index 8a713895155..407bd8925bd 100644 --- a/2020/2xxx/CVE-2020-2151.json +++ b/2020/2xxx/CVE-2020-2151.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2151", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Quality Gates Plugin", - "version": { - "version_data": [ - { - "version_value": "2.5", - "version_affected": "<=" - }, - { - "version_value": "2.5", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-319: Cleartext Transmission of Sensitive Information" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Quality Gates Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "2.5", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 2.5", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1519", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1519", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1519" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2152.json b/2020/2xxx/CVE-2020-2152.json index 30fef5e069d..729f8b88042 100644 --- a/2020/2xxx/CVE-2020-2152.json +++ b/2020/2xxx/CVE-2020-2152.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2152", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Subversion Release Manager Plugin", - "version": { - "version_data": [ - { - "version_value": "1.2", - "version_affected": "<=" - }, - { - "version_value": "1.2", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Subversion Release Manager Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.2", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.2", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1727", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1727", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1727" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2153.json b/2020/2xxx/CVE-2020-2153.json index 3567be82422..e2cdb09ad86 100644 --- a/2020/2xxx/CVE-2020-2153.json +++ b/2020/2xxx/CVE-2020-2153.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2153", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Backlog Plugin", - "version": { - "version_data": [ - { - "version_value": "2.4", - "version_affected": "<=" - }, - { - "version_value": "2.4", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-319: Cleartext Transmission of Sensitive Information" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Backlog Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "2.4", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 2.4", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1510", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1510", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1510" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2154.json b/2020/2xxx/CVE-2020-2154.json index 13eac2ccc88..172de4ae1be 100644 --- a/2020/2xxx/CVE-2020-2154.json +++ b/2020/2xxx/CVE-2020-2154.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2154", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Zephyr for JIRA Test Management Plugin", - "version": { - "version_data": [ - { - "version_value": "1.5", - "version_affected": "<=" - }, - { - "version_value": "1.5", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-256: Unprotected Storage of Credentials" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Zephyr for JIRA Test Management Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.5", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.5", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1550", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1550", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1550" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2155.json b/2020/2xxx/CVE-2020-2155.json index 96e74e8e9f6..7cdab6999b5 100644 --- a/2020/2xxx/CVE-2020-2155.json +++ b/2020/2xxx/CVE-2020-2155.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2155", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins OpenShift Deployer Plugin", - "version": { - "version_data": [ - { - "version_value": "1.2.0", - "version_affected": "<=" - }, - { - "version_value": "1.2.0", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-319: Cleartext Transmission of Sensitive Information" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins OpenShift Deployer Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.2.0", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.2.0", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1518", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1518", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1518" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2156.json b/2020/2xxx/CVE-2020-2156.json index 052f72ad287..6c4b34a2fe9 100644 --- a/2020/2xxx/CVE-2020-2156.json +++ b/2020/2xxx/CVE-2020-2156.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2156", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins DeployHub Plugin", - "version": { - "version_data": [ - { - "version_value": "8.0.14", - "version_affected": "<=" - }, - { - "version_value": "8.0.14", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-319: Cleartext Transmission of Sensitive Information" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins DeployHub Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "8.0.14", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 8.0.14", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1511", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1511", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1511" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2157.json b/2020/2xxx/CVE-2020-2157.json index 220dfd78a45..eb37b8b4f87 100644 --- a/2020/2xxx/CVE-2020-2157.json +++ b/2020/2xxx/CVE-2020-2157.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2157", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Skytap Cloud CI Plugin", - "version": { - "version_data": [ - { - "version_value": "2.07", - "version_affected": "<=" - }, - { - "version_value": "2.07", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-319: Cleartext Transmission of Sensitive Information" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Skytap Cloud CI Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "2.07", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 2.07", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1522", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1522", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1522" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2158.json b/2020/2xxx/CVE-2020-2158.json index 6f551ce569c..105bc5c99cc 100644 --- a/2020/2xxx/CVE-2020-2158.json +++ b/2020/2xxx/CVE-2020-2158.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2158", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Literate Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0", - "version_affected": "<=" - }, - { - "version_value": "1.0", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-502: Deserialization of Untrusted Data" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Literate Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.0", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.0", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1750", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1750", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1750" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2159.json b/2020/2xxx/CVE-2020-2159.json index 1de2cc05b95..74a164403ce 100644 --- a/2020/2xxx/CVE-2020-2159.json +++ b/2020/2xxx/CVE-2020-2159.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2159", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins CryptoMove Plugin", - "version": { - "version_data": [ - { - "version_value": "0.1.33", - "version_affected": "<=" - }, - { - "version_value": "0.1.33", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins CryptoMove Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "0.1.33", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 0.1.33", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1635", "url": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1635", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1635" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200309 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1" + "url": "http://www.openwall.com/lists/oss-security/2020/03/09/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/09/1" } ] } diff --git a/2020/2xxx/CVE-2020-2160.json b/2020/2xxx/CVE-2020-2160.json index f86b1665bf1..9e3a66bb343 100644 --- a/2020/2xxx/CVE-2020-2160.json +++ b/2020/2xxx/CVE-2020-2160.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2160", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.227", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.204.5", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-435: Improper Interaction Between Multiple Correctly-Behaving Entities" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.227" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1774", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1774", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1774" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200325 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2" + "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/25/2" } ] } diff --git a/2020/2xxx/CVE-2020-2161.json b/2020/2xxx/CVE-2020-2161.json index db670745231..3ab145470ac 100644 --- a/2020/2xxx/CVE-2020-2161.json +++ b/2020/2xxx/CVE-2020-2161.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2161", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.227", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.204.5", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.227" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1781", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1781", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1781" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200325 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2" + "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/25/2" } ] } diff --git a/2020/2xxx/CVE-2020-2162.json b/2020/2xxx/CVE-2020-2162.json index f2000622e00..d7958811cac 100644 --- a/2020/2xxx/CVE-2020-2162.json +++ b/2020/2xxx/CVE-2020-2162.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2162", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.227", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.204.5", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.227" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200325 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2" + "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/03/25/2" } ] } diff --git a/2022/28xxx/CVE-2022-28143.json b/2022/28xxx/CVE-2022-28143.json index d71b10cbf08..d22534594a6 100644 --- a/2022/28xxx/CVE-2022-28143.json +++ b/2022/28xxx/CVE-2022-28143.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28143", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Proxmox Plugin", - "version": { - "version_data": [ - { - "version_value": "0.7.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Proxmox Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "0.7.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2082", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2082", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2082" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28144.json b/2022/28xxx/CVE-2022-28144.json index d657b550935..70c1709c461 100644 --- a/2022/28xxx/CVE-2022-28144.json +++ b/2022/28xxx/CVE-2022-28144.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28144", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Proxmox Plugin", - "version": { - "version_data": [ - { - "version_value": "0.7.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Proxmox Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "0.7.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2082", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2082", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2082" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28145.json b/2022/28xxx/CVE-2022-28145.json index 04e8d3ac28e..2c545c8d100 100644 --- a/2022/28xxx/CVE-2022-28145.json +++ b/2022/28xxx/CVE-2022-28145.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28145", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Continuous Integration with Toad Edge Plugin", - "version": { - "version_data": [ - { - "version_value": "2.3", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Continuous Integration with Toad Edge Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1892", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1892", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1892" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28146.json b/2022/28xxx/CVE-2022-28146.json index 461b6a35e41..fca5728050f 100644 --- a/2022/28xxx/CVE-2022-28146.json +++ b/2022/28xxx/CVE-2022-28146.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28146", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Continuous Integration with Toad Edge Plugin", - "version": { - "version_data": [ - { - "version_value": "2.3", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Continuous Integration with Toad Edge Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2633", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2633", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2633" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28147.json b/2022/28xxx/CVE-2022-28147.json index 5d0ac9d6c60..9f2335bf28e 100644 --- a/2022/28xxx/CVE-2022-28147.json +++ b/2022/28xxx/CVE-2022-28147.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28147", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Continuous Integration with Toad Edge Plugin", - "version": { - "version_data": [ - { - "version_value": "2.3", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Continuous Integration with Toad Edge Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2635", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2635", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2635" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28148.json b/2022/28xxx/CVE-2022-28148.json index c5ea84f70c4..30a13f7912e 100644 --- a/2022/28xxx/CVE-2022-28148.json +++ b/2022/28xxx/CVE-2022-28148.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28148", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Continuous Integration with Toad Edge Plugin", - "version": { - "version_data": [ - { - "version_value": "2.3", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Continuous Integration with Toad Edge Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.3" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2654", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2654", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2654" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28149.json b/2022/28xxx/CVE-2022-28149.json index e32e63a73f8..4124059199a 100644 --- a/2022/28xxx/CVE-2022-28149.json +++ b/2022/28xxx/CVE-2022-28149.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28149", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Job and Node ownership Plugin", - "version": { - "version_data": [ - { - "version_value": "0.13.0", - "version_affected": "<=" - }, - { - "version_value": "0.13.0", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Job and Node ownership Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "0.13.0", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 0.13.0", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2285", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2285", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2285" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28150.json b/2022/28xxx/CVE-2022-28150.json index 4e924fb2fba..d99df957010 100644 --- a/2022/28xxx/CVE-2022-28150.json +++ b/2022/28xxx/CVE-2022-28150.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28150", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Job and Node ownership Plugin", - "version": { - "version_data": [ - { - "version_value": "0.13.0", - "version_affected": "<=" - }, - { - "version_value": "0.13.0", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Job and Node ownership Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "0.13.0", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 0.13.0", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20(1)", - "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20(1)", - "refsource": "CONFIRM" + "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20%281%29", + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20%281%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28151.json b/2022/28xxx/CVE-2022-28151.json index 9cc6129c335..36de57db533 100644 --- a/2022/28xxx/CVE-2022-28151.json +++ b/2022/28xxx/CVE-2022-28151.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28151", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Job and Node ownership Plugin", - "version": { - "version_data": [ - { - "version_value": "0.13.0", - "version_affected": "<=" - }, - { - "version_value": "0.13.0", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Job and Node ownership Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "0.13.0", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 0.13.0", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20(1)", - "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20(1)", - "refsource": "CONFIRM" + "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20%281%29", + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20%281%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28152.json b/2022/28xxx/CVE-2022-28152.json index f71b644b1a6..b7f48be3260 100644 --- a/2022/28xxx/CVE-2022-28152.json +++ b/2022/28xxx/CVE-2022-28152.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28152", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Job and Node ownership Plugin", - "version": { - "version_data": [ - { - "version_value": "0.13.0", - "version_affected": "<=" - }, - { - "version_value": "0.13.0", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Job and Node ownership Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "0.13.0", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 0.13.0", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20(2)", - "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20(2)", - "refsource": "CONFIRM" + "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20%282%29", + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2062%20%282%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28153.json b/2022/28xxx/CVE-2022-28153.json index 163e3917869..4047a13e31d 100644 --- a/2022/28xxx/CVE-2022-28153.json +++ b/2022/28xxx/CVE-2022-28153.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28153", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins SiteMonitor Plugin", - "version": { - "version_data": [ - { - "version_value": "0.6", - "version_affected": "<=" - }, - { - "version_value": "0.6", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins SiteMonitor Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "0.6", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 0.6", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1932", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1932", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1932" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28154.json b/2022/28xxx/CVE-2022-28154.json index ec194a83ab5..8200f14124e 100644 --- a/2022/28xxx/CVE-2022-28154.json +++ b/2022/28xxx/CVE-2022-28154.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28154", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Coverage/Complexity Scatter Plot Plugin", - "version": { - "version_data": [ - { - "version_value": "1.1.1", - "version_affected": "<=" - }, - { - "version_value": "1.1.1", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-611: Improper Restriction of XML External Entity Reference" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Coverage/Complexity Scatter Plot Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.1.1", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.1.1", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1899", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1899", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1899" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28155.json b/2022/28xxx/CVE-2022-28155.json index d1094786154..34dc8a6f749 100644 --- a/2022/28xxx/CVE-2022-28155.json +++ b/2022/28xxx/CVE-2022-28155.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28155", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Pipeline: Phoenix AutoTest Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3", - "version_affected": "<=" - }, - { - "version_value": "1.3", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-611: Improper Restriction of XML External Entity Reference" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Pipeline: Phoenix AutoTest Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.3", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.3", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1897", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1897", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-1897" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28156.json b/2022/28xxx/CVE-2022-28156.json index cb0389061d8..d92ae68687a 100644 --- a/2022/28xxx/CVE-2022-28156.json +++ b/2022/28xxx/CVE-2022-28156.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28156", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Pipeline: Phoenix AutoTest Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3", - "version_affected": "<=" - }, - { - "version_value": "1.3", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Pipeline: Phoenix AutoTest Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.3", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.3", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2683", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2683", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2683" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28157.json b/2022/28xxx/CVE-2022-28157.json index 49361e84f5e..63632940469 100644 --- a/2022/28xxx/CVE-2022-28157.json +++ b/2022/28xxx/CVE-2022-28157.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28157", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Pipeline: Phoenix AutoTest Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3", - "version_affected": "<=" - }, - { - "version_value": "1.3", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Pipeline: Phoenix AutoTest Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.3", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.3", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2684", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2684", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2684" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28158.json b/2022/28xxx/CVE-2022-28158.json index ff71ed180e8..a04eebc2d5d 100644 --- a/2022/28xxx/CVE-2022-28158.json +++ b/2022/28xxx/CVE-2022-28158.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28158", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Pipeline: Phoenix AutoTest Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3", - "version_affected": "<=" - }, - { - "version_value": "1.3", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Pipeline: Phoenix AutoTest Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.3", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.3", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2685", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2685", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2685" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/28xxx/CVE-2022-28159.json b/2022/28xxx/CVE-2022-28159.json index b6f38d4b6ca..94adba30f17 100644 --- a/2022/28xxx/CVE-2022-28159.json +++ b/2022/28xxx/CVE-2022-28159.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-28159", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Tests Selector Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3.3", - "version_affected": "<=" - }, - { - "version_value": "1.3.3", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Tests Selector Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.3.3", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.3.3", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2262", "url": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2262", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-03-29/#SECURITY-2262" }, { - "refsource": "MLIST", - "name": "[oss-security] 20220329 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1" + "url": "http://www.openwall.com/lists/oss-security/2022/03/29/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/03/29/1" } ] } diff --git a/2022/43xxx/CVE-2022-43430.json b/2022/43xxx/CVE-2022-43430.json index 316095d07b1..c4e2363b016 100644 --- a/2022/43xxx/CVE-2022-43430.json +++ b/2022/43xxx/CVE-2022-43430.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-43430", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Compuware Topaz for Total Test Plugin", - "version": { - "version_data": [ - { - "version_value": "2.4.8", - "version_affected": "<=" - }, - { - "version_value": "2.4.8", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-611: Improper Restriction of XML External Entity Reference" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Compuware Topaz for Total Test Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "2.4.8", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 2.4.8", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2625", "url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2625", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2625" }, { - "refsource": "MLIST", - "name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3" + "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/10/19/3" } ] } diff --git a/2022/43xxx/CVE-2022-43431.json b/2022/43xxx/CVE-2022-43431.json index 73d4855d79b..68caa8e4102 100644 --- a/2022/43xxx/CVE-2022-43431.json +++ b/2022/43xxx/CVE-2022-43431.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-43431", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Compuware Strobe Measurement Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0.1", - "version_affected": "<=" - }, - { - "version_value": "1.0.1", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Compuware Strobe Measurement Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.0.1", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.0.1", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2631", "url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2631", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2631" }, { - "refsource": "MLIST", - "name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3" + "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/10/19/3" } ] } diff --git a/2022/43xxx/CVE-2022-43432.json b/2022/43xxx/CVE-2022-43432.json index 41c1c2176ca..36fd38ad809 100644 --- a/2022/43xxx/CVE-2022-43432.json +++ b/2022/43xxx/CVE-2022-43432.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-43432", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins XFramium Builder Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0.22", - "version_affected": "<=" - }, - { - "version_value": "1.0.22", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-693: Protection Mechanism Failure" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins XFramium Builder Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.0.22", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.0.22", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2863", "url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2863", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2863" }, { - "refsource": "MLIST", - "name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3" + "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/10/19/3" } ] } diff --git a/2022/43xxx/CVE-2022-43433.json b/2022/43xxx/CVE-2022-43433.json index 4ea4dcaf2b9..24ddee32322 100644 --- a/2022/43xxx/CVE-2022-43433.json +++ b/2022/43xxx/CVE-2022-43433.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-43433", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins ScreenRecorder Plugin", - "version": { - "version_data": [ - { - "version_value": "0.7", - "version_affected": "<=" - }, - { - "version_value": "0.7", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-693: Protection Mechanism Failure" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins ScreenRecorder Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "0.7", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 0.7", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2864", "url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2864", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2864" }, { - "refsource": "MLIST", - "name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3" + "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/10/19/3" } ] } diff --git a/2022/43xxx/CVE-2022-43434.json b/2022/43xxx/CVE-2022-43434.json index d4942228941..f3f1f959238 100644 --- a/2022/43xxx/CVE-2022-43434.json +++ b/2022/43xxx/CVE-2022-43434.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-43434", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins NeuVector Vulnerability Scanner Plugin", - "version": { - "version_data": [ - { - "version_value": "1.20", - "version_affected": "<=" - }, - { - "version_value": "1.20", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-693: Protection Mechanism Failure" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins NeuVector Vulnerability Scanner Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.20", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.20", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2865", "url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2865", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2865" }, { - "refsource": "MLIST", - "name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3" + "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/10/19/3" } ] } diff --git a/2022/43xxx/CVE-2022-43435.json b/2022/43xxx/CVE-2022-43435.json index 73bc9672ad7..9d05947d157 100644 --- a/2022/43xxx/CVE-2022-43435.json +++ b/2022/43xxx/CVE-2022-43435.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-43435", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins 360 FireLine Plugin", - "version": { - "version_data": [ - { - "version_value": "1.7.2", - "version_affected": "<=" - }, - { - "version_value": "1.7.2", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-693: Protection Mechanism Failure" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins 360 FireLine Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.7.2", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.7.2", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2866", "url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2866", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2866" }, { - "refsource": "MLIST", - "name": "[oss-security] 20221019 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3" + "url": "http://www.openwall.com/lists/oss-security/2022/10/19/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/10/19/3" } ] } diff --git a/2022/45xxx/CVE-2022-45379.json b/2022/45xxx/CVE-2022-45379.json index 8fb4bcb5b95..745ecf1a325 100644 --- a/2022/45xxx/CVE-2022-45379.json +++ b/2022/45xxx/CVE-2022-45379.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-45379", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Script Security Plugin", - "version": { - "version_data": [ - { - "version_value": "1189.vb_a_b_7c8fd5fde", - "version_affected": "<=" - }, - { - "version_value": "1175.1179.vea_f7532629e1", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,60 @@ "description": [ { "lang": "eng", - "value": "CWE-328: Use of Weak Hash" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Script Security Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1189.vb_a_b_7c8fd5fde", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "1175.1179.vea_f7532629e1" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564", "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/45xxx/CVE-2022-45380.json b/2022/45xxx/CVE-2022-45380.json index 766f13310fb..3f0d46c09ff 100644 --- a/2022/45xxx/CVE-2022-45380.json +++ b/2022/45xxx/CVE-2022-45380.json @@ -1,44 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-45380", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins JUnit Plugin", - "version": { - "version_data": [ - { - "version_value": "1159.v0b_396e1e07dd", - "version_affected": "<=" - }, - { - "version_value": "1143.1145.v81b_b_9579a_019", - "version_affected": "!" - }, - { - "version_value": "1119.1122.v750e65d31b_db_", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -53,18 +21,64 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins JUnit Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1159.v0b_396e1e07dd", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "1143.1145.v81b_b_9579a_019" + }, + { + "status": "unaffected", + "version": "1119.1122.v750e65d31b_db_" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888", "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/45xxx/CVE-2022-45381.json b/2022/45xxx/CVE-2022-45381.json index 30bfe3e9cd9..0e209605bab 100644 --- a/2022/45xxx/CVE-2022-45381.json +++ b/2022/45xxx/CVE-2022-45381.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-45381", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Pipeline Utility Steps Plugin", - "version": { - "version_data": [ - { - "version_value": "2.13.1", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Pipeline Utility Steps Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.13.1" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949", "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/45xxx/CVE-2022-45382.json b/2022/45xxx/CVE-2022-45382.json index c8a2e36a262..5df4e2e037c 100644 --- a/2022/45xxx/CVE-2022-45382.json +++ b/2022/45xxx/CVE-2022-45382.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-45382", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Naginator Plugin", - "version": { - "version_data": [ - { - "version_value": "1.18.1", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Naginator Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.18.1" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2946", "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2946", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2946" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/45xxx/CVE-2022-45383.json b/2022/45xxx/CVE-2022-45383.json index a57d130134c..d060ac4d2c3 100644 --- a/2022/45xxx/CVE-2022-45383.json +++ b/2022/45xxx/CVE-2022-45383.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-45383", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Support Core Plugin", - "version": { - "version_data": [ - { - "version_value": "1206.v14049fa_b_d860", - "version_affected": "<=" - }, - { - "version_value": "1201.1203.v828b_ef272669", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,60 @@ "description": [ { "lang": "eng", - "value": "CWE-863: Incorrect Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Support Core Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1206.v14049fa_b_d860", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "1201.1203.v828b_ef272669" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2804", "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2804", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2804" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/45xxx/CVE-2022-45384.json b/2022/45xxx/CVE-2022-45384.json index 1c87267f2fe..a4e67cf5271 100644 --- a/2022/45xxx/CVE-2022-45384.json +++ b/2022/45xxx/CVE-2022-45384.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-45384", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Reverse Proxy Auth Plugin", - "version": { - "version_data": [ - { - "version_value": "1.7.3", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-256: Plaintext Storage of a Password" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Reverse Proxy Auth Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.7.3" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2094", "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2094", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2094" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/45xxx/CVE-2022-45385.json b/2022/45xxx/CVE-2022-45385.json index bc1d67037e3..162ff769291 100644 --- a/2022/45xxx/CVE-2022-45385.json +++ b/2022/45xxx/CVE-2022-45385.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-45385", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins CloudBees Docker Hub/Registry Notification Plugin", - "version": { - "version_data": [ - { - "version_value": "2.6.2", - "version_affected": "<=" - }, - { - "version_value": "2.6.0.1", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,60 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins CloudBees Docker Hub/Registry Notification Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "2.6.2", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "2.6.0.1" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2843", "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2843", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2843" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/45xxx/CVE-2022-45386.json b/2022/45xxx/CVE-2022-45386.json index 467ea589e94..37a6ed30cd8 100644 --- a/2022/45xxx/CVE-2022-45386.json +++ b/2022/45xxx/CVE-2022-45386.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-45386", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Violations Plugin", - "version": { - "version_data": [ - { - "version_value": "0.7.11", - "version_affected": "<=" - }, - { - "version_value": "0.7.11", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-611: Improper Restriction of XML External Entity Reference" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Violations Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "0.7.11", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 0.7.11", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-766", "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-766", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-766" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/45xxx/CVE-2022-45387.json b/2022/45xxx/CVE-2022-45387.json index 733f9f674c7..1b9ae7e74c5 100644 --- a/2022/45xxx/CVE-2022-45387.json +++ b/2022/45xxx/CVE-2022-45387.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-45387", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins BART Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0.3", - "version_affected": "<=" - }, - { - "version_value": "1.0.3", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins BART Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.0.3", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.0.3", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2802", "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2802", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2802" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/45xxx/CVE-2022-45388.json b/2022/45xxx/CVE-2022-45388.json index 9095d40a5b0..60b61c7daea 100644 --- a/2022/45xxx/CVE-2022-45388.json +++ b/2022/45xxx/CVE-2022-45388.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-45388", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Config Rotator Plugin", - "version": { - "version_data": [ - { - "version_value": "2.0.1", - "version_affected": "<=" - }, - { - "version_value": "2.0.1", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Config Rotator Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "2.0.1", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 2.0.1", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2842", "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2842", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2842" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/45xxx/CVE-2022-45389.json b/2022/45xxx/CVE-2022-45389.json index 866e8552706..efc6ad44948 100644 --- a/2022/45xxx/CVE-2022-45389.json +++ b/2022/45xxx/CVE-2022-45389.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-45389", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins XP-Dev Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0", - "version_affected": "<=" - }, - { - "version_value": "1.0", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins XP-Dev Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.0", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.0", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2853", "url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2853", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2853" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2022/11/15/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2022/11/15/4" } ] } diff --git a/2022/46xxx/CVE-2022-46836.json b/2022/46xxx/CVE-2022-46836.json index 5ed91336489..540a2e83332 100644 --- a/2022/46xxx/CVE-2022-46836.json +++ b/2022/46xxx/CVE-2022-46836.json @@ -69,6 +69,11 @@ "url": "https://checkmk.com/werk/14383", "refsource": "MISC", "name": "https://checkmk.com/werk/14383" + }, + { + "url": "https://www.sonarsource.com/blog/checkmk-rce-chain-3/", + "refsource": "MISC", + "name": "https://www.sonarsource.com/blog/checkmk-rce-chain-3/" } ] }, diff --git a/2022/47xxx/CVE-2022-47002.json b/2022/47xxx/CVE-2022-47002.json index c9388dfba2b..2bfbaeb5622 100644 --- a/2022/47xxx/CVE-2022-47002.json +++ b/2022/47xxx/CVE-2022-47002.json @@ -59,13 +59,13 @@ }, { "refsource": "MISC", - "name": "https://hoyahaxa.blogspot.com/2023/01/preliminary-security-advisory.html", - "url": "https://hoyahaxa.blogspot.com/2023/01/preliminary-security-advisory.html" + "name": "https://www.hoyahaxa.com/2023/01/preliminary-security-advisory.html", + "url": "https://www.hoyahaxa.com/2023/01/preliminary-security-advisory.html" }, { "refsource": "MISC", - "name": "https://hoyahaxa.blogspot.com/2023/03/authentication-bypass-mura-masa.html", - "url": "https://hoyahaxa.blogspot.com/2023/03/authentication-bypass-mura-masa.html" + "name": "https://www.hoyahaxa.com/2023/03/authentication-bypass-mura-masa.html", + "url": "https://www.hoyahaxa.com/2023/03/authentication-bypass-mura-masa.html" } ] } diff --git a/2022/47xxx/CVE-2022-47909.json b/2022/47xxx/CVE-2022-47909.json index d2910760648..2587a4c50cf 100644 --- a/2022/47xxx/CVE-2022-47909.json +++ b/2022/47xxx/CVE-2022-47909.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Livestatus Query Language (LQL) injection in the AuthUser HTTP query header of Tribe29's Checkmk <= 2.1.0p11, Checkmk <= 2.0.0p28, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to perform direct queries to the application's core from localhost." + "value": "Livestatus Query Language (LQL) injection in the AuthUser HTTP query header of\u00a0Tribe29's Checkmk <= 2.1.0p11, Checkmk <= 2.0.0p28, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to perform direct queries to the application's core from localhost." } ] }, @@ -69,6 +69,11 @@ "url": "https://checkmk.com/werk/14384", "refsource": "MISC", "name": "https://checkmk.com/werk/14384" + }, + { + "url": "https://www.sonarsource.com/blog/checkmk-rce-chain-1/", + "refsource": "MISC", + "name": "https://www.sonarsource.com/blog/checkmk-rce-chain-1/" } ] }, diff --git a/2022/48xxx/CVE-2022-48321.json b/2022/48xxx/CVE-2022-48321.json index 48ef6482758..a428090d325 100644 --- a/2022/48xxx/CVE-2022-48321.json +++ b/2022/48xxx/CVE-2022-48321.json @@ -59,6 +59,11 @@ "url": "https://checkmk.com/werk/14385", "refsource": "MISC", "name": "https://checkmk.com/werk/14385" + }, + { + "url": "https://www.sonarsource.com/blog/checkmk-rce-chain-1/", + "refsource": "MISC", + "name": "https://www.sonarsource.com/blog/checkmk-rce-chain-1/" } ] }, diff --git a/2023/24xxx/CVE-2023-24422.json b/2023/24xxx/CVE-2023-24422.json index 8c512d3f77c..b7d18026756 100644 --- a/2023/24xxx/CVE-2023-24422.json +++ b/2023/24xxx/CVE-2023-24422.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2023-24422", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins Project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Script Security Plugin", - "version": { - "version_data": [ - { - "version_value": "1228.vd93135a_2fb_25", - "version_affected": "<=" - }, - { - "version_value": "1175.1180.v36a_3fb_2dec9c", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -55,12 +27,49 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins Project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Script Security Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1228.vd93135a_2fb_25", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "1175.1180.v36a_3fb_2dec9c" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016", "url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016" } ] } diff --git a/2023/24xxx/CVE-2023-24423.json b/2023/24xxx/CVE-2023-24423.json index c9d1b840f3e..232073ec275 100644 --- a/2023/24xxx/CVE-2023-24423.json +++ b/2023/24xxx/CVE-2023-24423.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2023-24423", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins Project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Gerrit Trigger Plugin", - "version": { - "version_data": [ - { - "version_value": "2.38.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -51,12 +27,37 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins Project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Gerrit Trigger Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.38.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2137", "url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2137", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2137" } ] } diff --git a/2023/24xxx/CVE-2023-24424.json b/2023/24xxx/CVE-2023-24424.json index 8b46d91f28c..13c142af5ec 100644 --- a/2023/24xxx/CVE-2023-24424.json +++ b/2023/24xxx/CVE-2023-24424.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2023-24424", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins Project", - "product": { - "product_data": [ - { - "product_name": "Jenkins OpenId Connect Authentication Plugin", - "version": { - "version_data": [ - { - "version_value": "2.4", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -51,12 +27,37 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins Project", + "product": { + "product_data": [ + { + "product_name": "Jenkins OpenId Connect Authentication Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.4" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2978", "url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2978", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2978" } ] } diff --git a/2023/24xxx/CVE-2023-24425.json b/2023/24xxx/CVE-2023-24425.json index 49e74f62038..333013e2505 100644 --- a/2023/24xxx/CVE-2023-24425.json +++ b/2023/24xxx/CVE-2023-24425.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2023-24425", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins Project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Kubernetes Credentials Provider Plugin", - "version": { - "version_data": [ - { - "version_value": "1.208.v128ee9800c04", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -51,12 +27,37 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins Project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Kubernetes Credentials Provider Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.208.v128ee9800c04" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3022", "url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3022", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3022" } ] } diff --git a/2023/24xxx/CVE-2023-24426.json b/2023/24xxx/CVE-2023-24426.json index 068928d7290..ab636453cc3 100644 --- a/2023/24xxx/CVE-2023-24426.json +++ b/2023/24xxx/CVE-2023-24426.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2023-24426", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins Project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Azure AD Plugin", - "version": { - "version_data": [ - { - "version_value": "303.va_91ef20ee49f", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -51,12 +27,37 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins Project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Azure AD Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "303.va_91ef20ee49f" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2980", "url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2980", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2980" } ] } diff --git a/2023/24xxx/CVE-2023-24427.json b/2023/24xxx/CVE-2023-24427.json index 47563b903eb..544b102e220 100644 --- a/2023/24xxx/CVE-2023-24427.json +++ b/2023/24xxx/CVE-2023-24427.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2023-24427", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins Project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Bitbucket OAuth Plugin", - "version": { - "version_data": [ - { - "version_value": "0.12", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -51,12 +27,37 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins Project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Bitbucket OAuth Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "0.12" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2982", "url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2982", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2982" } ] } diff --git a/2023/45xxx/CVE-2023-45833.json b/2023/45xxx/CVE-2023-45833.json index 403c46596fd..149d63f7e2d 100644 --- a/2023/45xxx/CVE-2023-45833.json +++ b/2023/45xxx/CVE-2023-45833.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-45833", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in LeadSquared Suite plugin <=\u00a00.7.4 versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "LeadSquared, Inc", + "product": { + "product_data": [ + { + "product_name": "LeadSquared Suite", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "0.7.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/leadsquared-suite/wordpress-leadsquared-suite-plugin-0-7-4-cross-site-scripting-xss?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/leadsquared-suite/wordpress-leadsquared-suite-plugin-0-7-4-cross-site-scripting-xss?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "Rio Darmawan (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/45xxx/CVE-2023-45835.json b/2023/45xxx/CVE-2023-45835.json index 66da796d415..7b4592e8036 100644 --- a/2023/45xxx/CVE-2023-45835.json +++ b/2023/45xxx/CVE-2023-45835.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-45835", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Libsyn Libsyn Publisher Hub plugin <=\u00a01.4.4 versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Libsyn", + "product": { + "product_data": [ + { + "product_name": "Libsyn Publisher Hub", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.4.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/libsyn-podcasting/wordpress-libsyn-publisher-hub-plugin-1-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/libsyn-podcasting/wordpress-libsyn-publisher-hub-plugin-1-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "minhtuanact (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/46xxx/CVE-2023-46010.json b/2023/46xxx/CVE-2023-46010.json index 5621c458a1f..467ef9b94d1 100644 --- a/2023/46xxx/CVE-2023-46010.json +++ b/2023/46xxx/CVE-2023-46010.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-46010", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-46010", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the admin_safe.php component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://seacms.com", + "refsource": "MISC", + "name": "http://seacms.com" + }, + { + "url": "https://blog.csdn.net/DGS666/article/details/133795200?spm=1001.2014.3001.5501", + "refsource": "MISC", + "name": "https://blog.csdn.net/DGS666/article/details/133795200?spm=1001.2014.3001.5501" } ] } diff --git a/2023/46xxx/CVE-2023-46369.json b/2023/46xxx/CVE-2023-46369.json index ca47387a986..eb9d33ec0ff 100644 --- a/2023/46xxx/CVE-2023-46369.json +++ b/2023/46xxx/CVE-2023-46369.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-46369", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-46369", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/Tenda/W18E/bug1.md", + "refsource": "MISC", + "name": "https://github.com/Archerber/bug_submit/blob/main/Tenda/W18E/bug1.md" } ] } diff --git a/2023/46xxx/CVE-2023-46370.json b/2023/46xxx/CVE-2023-46370.json index 6af3194bd48..8c3bbda775a 100644 --- a/2023/46xxx/CVE-2023-46370.json +++ b/2023/46xxx/CVE-2023-46370.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-46370", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-46370", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda W18E V16.01.0.8(1576) has a command injection vulnerability via the hostName parameter in the formSetNetCheckTools function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/Tenda/W18E/bug2.md", + "refsource": "MISC", + "name": "https://github.com/Archerber/bug_submit/blob/main/Tenda/W18E/bug2.md" } ] } diff --git a/2023/46xxx/CVE-2023-46371.json b/2023/46xxx/CVE-2023-46371.json index 74dac3f9488..09d1b57bdde 100644 --- a/2023/46xxx/CVE-2023-46371.json +++ b/2023/46xxx/CVE-2023-46371.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-46371", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-46371", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TP-Link device TL-WDR7660 2.0.30 has a stack overflow vulnerability via the function upgradeInfoJsonToBin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/TP-Link/TL-WDR7660/2.md", + "refsource": "MISC", + "name": "https://github.com/Archerber/bug_submit/blob/main/TP-Link/TL-WDR7660/2.md" } ] } diff --git a/2023/46xxx/CVE-2023-46373.json b/2023/46xxx/CVE-2023-46373.json index 039034856f4..ebc3fa4d428 100644 --- a/2023/46xxx/CVE-2023-46373.json +++ b/2023/46xxx/CVE-2023-46373.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-46373", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-46373", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TP-Link TL-WDR7660 2.0.30 has a stack overflow vulnerability via the function deviceInfoJsonToBincauses." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Archerber/bug_submit/blob/main/TP-Link/TL-WDR7660/3.md", + "refsource": "MISC", + "name": "https://github.com/Archerber/bug_submit/blob/main/TP-Link/TL-WDR7660/3.md" } ] }