admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-04-29 14:01:38 +00:00
parent 81a1d494d3
commit a09278ed04
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
48 changed files with 456 additions and 184 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2021/22xxx/CVE-2021-22570.json
View File

@ -117,6 +117,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
},

5
2021/3xxx/CVE-2021-3582.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1966266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966266"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0003/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0003/"
}
]
},

56
2021/41xxx/CVE-2021-41948.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-41948",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-41948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A cross-site scripting (XSS) vulnerability exists in the \"contact us\" plugin for Subrion CMS <= 4.2.1 version via \"List of subjects\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/intelliants/subrion-plugin-contact_us/issues/8",
"refsource": "MISC",
"name": "https://github.com/intelliants/subrion-plugin-contact_us/issues/8"
}
]
}

5
2022/0xxx/CVE-2022-0778.json
View File

@ -157,6 +157,11 @@
"refsource": "CONFIRM",
"name": "https://www.tenable.com/security/tns-2022-09",
"url": "https://www.tenable.com/security/tns-2022-09"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/0xxx/CVE-2022-0995.json
View File

@ -63,6 +63,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166815/Watch-Queue-Out-Of-Bounds-Write.html",
"url": "http://packetstormsecurity.com/files/166815/Watch-Queue-Out-Of-Bounds-Write.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0001/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0001/"
}
]
},

160
2022/1xxx/CVE-2022-1526.json
View File

@ -1,79 +1,83 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1526",
"TITLE": "Emlog Pro POST Parameter cross site scripting",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "Emlog Pro",
"version": {
"version_data": [
{
"version_value": "1.2.0"
},
{
"version_value": "1.2.1"
},
{
"version_value": "1.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, was found in Emlog Pro up to 1.2.2. This affects the POST parameter handling of articles. The manipulation with the input <script>alert(1);<\/script> leads to cross site scripting. It is possible to initiate the attack remotely but it requires a signup and login by the attacker. The exploit has been disclosed to the public and may be used."
}
]
},
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/xiahao90\/CVEproject\/blob\/main\/xiahao.webray.com.cn\/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting(XSS).md"
},
{
"url": "https:\/\/vuldb.com\/?id.198705"
}
]
}
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1526",
"TITLE": "Emlog Pro POST Parameter cross site scripting",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "Emlog Pro",
"version": {
"version_data": [
{
"version_value": "1.2.0"
},
{
"version_value": "1.2.1"
},
{
"version_value": "1.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, was found in Emlog Pro up to 1.2.2. This affects the POST parameter handling of articles. The manipulation with the input <script>alert(1);</script> leads to cross site scripting. It is possible to initiate the attack remotely but it requires a signup and login by the attacker. The exploit has been disclosed to the public and may be used."
}
]
},
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting(XSS).md",
"refsource": "MISC",
"name": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting(XSS).md"
},
{
"url": "https://vuldb.com/?id.198705",
"refsource": "MISC",
"name": "https://vuldb.com/?id.198705"
}
]
}
}

202
2022/1xxx/CVE-2022-1536.json
View File

@ -1,100 +1,104 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1536",
"TITLE": "automad Dashboard cross site scripting",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "automad",
"version": {
"version_data": [
{
"version_value": "1.10.0"
},
{
"version_value": "1.10.1"
},
{
"version_value": "1.10.2"
},
{
"version_value": "1.10.3"
},
{
"version_value": "1.10.4"
},
{
"version_value": "1.10.5"
},
{
"version_value": "1.10.6"
},
{
"version_value": "1.10.7"
},
{
"version_value": "1.10.8"
},
{
"version_value": "1.10.9"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home<\/title><script>alert(\"home\")<\/script><title> leads to a cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit details have disclosed to the public and may be used."
}
]
},
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/xiahao90\/CVEproject\/blob\/main\/xiahao.webray.com.cn\/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting(XSS).md"
},
{
"url": "https:\/\/vuldb.com\/?id.198706"
}
]
}
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1536",
"TITLE": "automad Dashboard cross site scripting",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "automad",
"version": {
"version_data": [
{
"version_value": "1.10.0"
},
{
"version_value": "1.10.1"
},
{
"version_value": "1.10.2"
},
{
"version_value": "1.10.3"
},
{
"version_value": "1.10.4"
},
{
"version_value": "1.10.5"
},
{
"version_value": "1.10.6"
},
{
"version_value": "1.10.7"
},
{
"version_value": "1.10.8"
},
{
"version_value": "1.10.9"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in automad up to 1.10.9 and classified as problematic. This vulnerability affects the Dashboard. The manipulation of the argument title with the input Home</title><script>alert(\"home\")</script><title> leads to a cross site scripting. The attack can be initiated remotely but requires an authentication. The exploit details have disclosed to the public and may be used."
}
]
},
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting(XSS).md",
"refsource": "MISC",
"name": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting(XSS).md"
},
{
"url": "https://vuldb.com/?id.198706",
"refsource": "MISC",
"name": "https://vuldb.com/?id.198706"
}
]
}
}

5
2022/21xxx/CVE-2022-21412.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21413.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21414.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21415.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21417.json
View File

@ -68,6 +68,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21418.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21423.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21425.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21426.json
View File

@ -92,6 +92,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0006/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0006/"
}
]
}

5
2022/21xxx/CVE-2022-21427.json
View File

@ -68,6 +68,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21434.json
View File

@ -92,6 +92,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0006/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0006/"
}
]
}

5
2022/21xxx/CVE-2022-21435.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21436.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21437.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21438.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21440.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21443.json
View File

@ -92,6 +92,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0006/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0006/"
}
]
}

5
2022/21xxx/CVE-2022-21444.json
View File

@ -68,6 +68,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21449.json
View File

@ -106,6 +106,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20220428 Re: CVE-2022-21449 and version reporting",
"url": "http://www.openwall.com/lists/oss-security/2022/04/28/7"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0006/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0006/"
}
]
}

5
2022/21xxx/CVE-2022-21451.json
View File

@ -68,6 +68,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21452.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21454.json
View File

@ -68,6 +68,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21457.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21459.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21460.json
View File

@ -68,6 +68,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21462.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21476.json
View File

@ -92,6 +92,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0006/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0006/"
}
]
}

5
2022/21xxx/CVE-2022-21478.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21479.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21482.json
View File

@ -64,6 +64,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21483.json
View File

@ -76,6 +76,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21484.json
View File

@ -76,6 +76,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21485.json
View File

@ -76,6 +76,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21486.json
View File

@ -76,6 +76,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21489.json
View File

@ -76,6 +76,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21490.json
View File

@ -76,6 +76,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0005/"
}
]
}

5
2022/21xxx/CVE-2022-21496.json
View File

@ -92,6 +92,11 @@
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0006/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0006/"
}
]
}

2
2022/24xxx/CVE-2022-24900.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. Version 1.3 and prior are vulnerable to a path traversal attack. The `os.path.join` call is unsafe for use with untrusted input. When the `os.path.join` call encounters an absolute path, it ignores all the parameters it has encountered till that point and starts working with the new absolute path. Since the \"malicious\" parameter represents an absolute path, the result of `os.path.join` ignores the static directory completely. Hence, untrusted input is passed via the `os.path.join` call to `flask.send_file` can lead to path traversal attacks. A patch with a fix is available on the `master` branch of the GitHub repository. This can also be fixed by preventing flow of untrusted data to the vulnerable `send_file` function. In case the application logic necessiates this behaviour, one can either use the `flask.safe_join` to join untrusted paths or replace `flask.send_file` calls with `flask.send_from_directory` calls. "
"value": "Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. Version 1.3 and prior are vulnerable to a path traversal attack. The `os.path.join` call is unsafe for use with untrusted input. When the `os.path.join` call encounters an absolute path, it ignores all the parameters it has encountered till that point and starts working with the new absolute path. Since the \"malicious\" parameter represents an absolute path, the result of `os.path.join` ignores the static directory completely. Hence, untrusted input is passed via the `os.path.join` call to `flask.send_file` can lead to path traversal attacks. A patch with a fix is available on the `master` branch of the GitHub repository. This can also be fixed by preventing flow of untrusted data to the vulnerable `send_file` function. In case the application logic necessiates this behaviour, one can either use the `flask.safe_join` to join untrusted paths or replace `flask.send_file` calls with `flask.send_from_directory` calls."
}
]
},

5
2022/26xxx/CVE-2022-26490.json
View File

@ -66,6 +66,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-de4474b89d",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5AUUDGSDLGYU7SZSK4PFAN22NISQZBT/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0004/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0004/"
}
]
}

5
2022/27xxx/CVE-2022-27191.json
View File

@ -86,6 +86,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2022-c87047f163",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0002/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0002/"
}
]
}

5
2022/27xxx/CVE-2022-27666.json
View File

@ -53,6 +53,11 @@
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/ebe48d368e97d007bfeb76fcb065d6cfc4c96645",
"url": "https://github.com/torvalds/linux/commit/ebe48d368e97d007bfeb76fcb065d6cfc4c96645"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220429-0001/",
"url": "https://security.netapp.com/advisory/ntap-20220429-0001/"
}
]
},