From a0e1c5994d0dde3f5314b0db12564e71cbcb494c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 13 Feb 2020 20:01:08 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2012/6xxx/CVE-2012-6091.json | 63 ++++++++++++++++++++++++++++++++++-- 2013/0xxx/CVE-2013-0295.json | 14 ++++---- 2014/3xxx/CVE-2014-3208.json | 53 ++++++++++++++++++++++++++++-- 2015/3xxx/CVE-2015-3309.json | 58 +++++++++++++++++++++++++++++++-- 2019/1xxx/CVE-2019-1234.json | 5 +++ 2019/1xxx/CVE-2019-1372.json | 5 +++ 2020/8xxx/CVE-2020-8987.json | 18 +++++++++++ 7 files changed, 202 insertions(+), 14 deletions(-) create mode 100644 2020/8xxx/CVE-2020-8987.json diff --git a/2012/6xxx/CVE-2012-6091.json b/2012/6xxx/CVE-2012-6091.json index 988f0d710b2..e6d2c9a298f 100644 --- a/2012/6xxx/CVE-2012-6091.json +++ b/2012/6xxx/CVE-2012-6091.json @@ -1,8 +1,34 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-6091", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Magento", + "version": { + "version_data": [ + { + "version_value": "1.7.0.1" + }, + { + "version_value": "fixed in 1.7.0.2" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +37,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Zend_XmlRpc Class in Magento before 1.7.0.2 contains an information disclosure vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "57140", + "url": "http://www.securityfocus.com/bid/57140" + }, + { + "refsource": "XF", + "name": "80973", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80973" + }, + { + "refsource": "MLIST", + "name": "MLIST: [oss-security] 20130103 Re: CVE request (maybe): magento before 1.7.0.2", + "url": "http://www.openwall.com/lists/oss-security/2013/01/03/10" } ] } diff --git a/2013/0xxx/CVE-2013-0295.json b/2013/0xxx/CVE-2013-0295.json index f9ff6c2f1e8..89db4039b53 100644 --- a/2013/0xxx/CVE-2013-0295.json +++ b/2013/0xxx/CVE-2013-0295.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2013-0295", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-0295", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0342. Reason: This candidate is a duplicate of [ID]. Notes: All CVE users should reference CVE-2013-0342 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2014/3xxx/CVE-2014-3208.json b/2014/3xxx/CVE-2014-3208.json index f5d573a2fe9..91340b96420 100644 --- a/2014/3xxx/CVE-2014-3208.json +++ b/2014/3xxx/CVE-2014-3208.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-3208", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Denial of Service vulnerability exists in askpop3d 0.7.7 in free (pszQuery)," + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.openwall.com/lists/oss-security/2014/05/05/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2014/05/05/3" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/67219", + "url": "https://www.securityfocus.com/bid/67219" } ] } diff --git a/2015/3xxx/CVE-2015-3309.json b/2015/3xxx/CVE-2015-3309.json index b81e32a10de..30a72c78a34 100644 --- a/2015/3xxx/CVE-2015-3309.json +++ b/2015/3xxx/CVE-2015-3309.json @@ -2,7 +2,7 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-3309", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,61 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.2 through 1.5.4 allows remote attackers to read arbitrary files with permissions of the user running the service via a .. (dot dot) in the path parameter of HTTP API requests. NOTE: This vulnerability is due to an incomplete fix to CVE-2015-3297." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://cve.killedkenny.io/cve/CVE-2015-3309", + "url": "http://cve.killedkenny.io/cve/CVE-2015-3309" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2015/04/16/8", + "url": "http://www.openwall.com/lists/oss-security/2015/04/16/8" + }, + { + "refsource": "MISC", + "name": "https://github.com/ether/etherpad-lite/commit/0fa7650df8f940ed6b577d79836a78eb09726c4b", + "url": "https://github.com/ether/etherpad-lite/commit/0fa7650df8f940ed6b577d79836a78eb09726c4b" } ] } diff --git a/2019/1xxx/CVE-2019-1234.json b/2019/1xxx/CVE-2019-1234.json index 194ff693d0c..232bfe0e340 100644 --- a/2019/1xxx/CVE-2019-1234.json +++ b/2019/1xxx/CVE-2019-1234.json @@ -56,6 +56,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1234", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1234" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-i/", + "url": "https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-i/" } ] } diff --git a/2019/1xxx/CVE-2019-1372.json b/2019/1xxx/CVE-2019-1372.json index c1ad466e31d..cbf470c424f 100644 --- a/2019/1xxx/CVE-2019-1372.json +++ b/2019/1xxx/CVE-2019-1372.json @@ -56,6 +56,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1372", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1372" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-ii/", + "url": "https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-ii/" } ] } diff --git a/2020/8xxx/CVE-2020-8987.json b/2020/8xxx/CVE-2020-8987.json new file mode 100644 index 00000000000..56abf7e430a --- /dev/null +++ b/2020/8xxx/CVE-2020-8987.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-8987", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file