From a14c6bbe86424a3f64269ca756cf4478d9ad2e63 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 6 Jan 2021 16:01:50 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/27xxx/CVE-2020-27279.json | 50 +++++++++++++++++++-- 2020/27xxx/CVE-2020-27283.json | 50 +++++++++++++++++++-- 2020/36xxx/CVE-2020-36177.json | 82 ++++++++++++++++++++++++++++++++++ 3 files changed, 176 insertions(+), 6 deletions(-) create mode 100644 2020/36xxx/CVE-2020-36177.json diff --git a/2020/27xxx/CVE-2020-27279.json b/2020/27xxx/CVE-2020-27279.json index 1bd2f1bae0a..eaef1bf57b0 100644 --- a/2020/27xxx/CVE-2020-27279.json +++ b/2020/27xxx/CVE-2020-27279.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-27279", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Crimson 3.1", + "version": { + "version_data": [ + { + "version_value": "Build versions prior to 3119.001" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "NULL POINTER DEREFERENCE CWE-476" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-005-04", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-005-04" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A NULL pointer deference vulnerability has been identified in the protocol converter. An attacker could send a specially crafted packet that could reboot the device running Crimson 3.1 (Build versions prior to 3119.001)." } ] } diff --git a/2020/27xxx/CVE-2020-27283.json b/2020/27xxx/CVE-2020-27283.json index ec8a8758d7b..08a3aecd9d0 100644 --- a/2020/27xxx/CVE-2020-27283.json +++ b/2020/27xxx/CVE-2020-27283.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-27283", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Crimson 3.1", + "version": { + "version_data": [ + { + "version_value": "Build versions prior to 3119.001" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMPROPER RESOURCE SHUTDOWN OR RELEASE CWE-404" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-005-04", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-005-04" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119.001) that could leak arbitrary memory locations." } ] } diff --git a/2020/36xxx/CVE-2020-36177.json b/2020/36xxx/CVE-2020-36177.json new file mode 100644 index 00000000000..d6d83af0b1f --- /dev/null +++ b/2020/36xxx/CVE-2020-36177.json @@ -0,0 +1,82 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-36177", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/wolfSSL/wolfssl/commit/63bf5dc56ccbfc12a73b06327361687091a4c6f7", + "refsource": "MISC", + "name": "https://github.com/wolfSSL/wolfssl/commit/63bf5dc56ccbfc12a73b06327361687091a4c6f7" + }, + { + "url": "https://github.com/wolfSSL/wolfssl/pull/3426", + "refsource": "MISC", + "name": "https://github.com/wolfSSL/wolfssl/pull/3426" + }, + { + "url": "https://github.com/wolfSSL/wolfssl/commit/fb2288c46dd4c864b78f00a47a364b96a09a5c0f", + "refsource": "MISC", + "name": "https://github.com/wolfSSL/wolfssl/commit/fb2288c46dd4c864b78f00a47a364b96a09a5c0f" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26567", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26567" + }, + { + "url": "https://github.com/wolfSSL/wolfssl/releases/tag/v4.6.0-stable", + "refsource": "MISC", + "name": "https://github.com/wolfSSL/wolfssl/releases/tag/v4.6.0-stable" + } + ] + } +} \ No newline at end of file