From a3219ae491247d3911d981cf64542df5080191c4 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 3 Dec 2020 20:01:37 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/17xxx/CVE-2020-17527.json | 25 ++++++++++++ 2020/29xxx/CVE-2020-29529.json | 67 +++++++++++++++++++++++++++++++ 2020/29xxx/CVE-2020-29530.json | 18 +++++++++ 2020/29xxx/CVE-2020-29531.json | 18 +++++++++ 2020/29xxx/CVE-2020-29532.json | 18 +++++++++ 2020/29xxx/CVE-2020-29533.json | 18 +++++++++ 2020/29xxx/CVE-2020-29534.json | 72 ++++++++++++++++++++++++++++++++++ 7 files changed, 236 insertions(+) create mode 100644 2020/29xxx/CVE-2020-29529.json create mode 100644 2020/29xxx/CVE-2020-29530.json create mode 100644 2020/29xxx/CVE-2020-29531.json create mode 100644 2020/29xxx/CVE-2020-29532.json create mode 100644 2020/29xxx/CVE-2020-29533.json create mode 100644 2020/29xxx/CVE-2020-29534.json diff --git a/2020/17xxx/CVE-2020-17527.json b/2020/17xxx/CVE-2020-17527.json index eb9e0ca125a..46716dc5352 100644 --- a/2020/17xxx/CVE-2020-17527.json +++ b/2020/17xxx/CVE-2020-17527.json @@ -73,6 +73,31 @@ "refsource": "MISC", "url": "https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E", "name": "https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5%40%3Cannounce.tomcat.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomcat-dev] 20201203 [SECURITY] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up", + "url": "https://lists.apache.org/thread.html/r8a227ac6a755a6406c1cc47dd48800e973d4cf13fe7fe68ac59c679c@%3Cdev.tomcat.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomcat-dev] 20201203 svn commit: r1884073 - in /tomcat/site/trunk: docs/security-10.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-8.xml xdocs/security-9.xml", + "url": "https://lists.apache.org/thread.html/raa0e9ad388c1e6fd1e301b5e080f9439f64cb4178119a86a4801cc53@%3Cdev.tomcat.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[announce] 20201203 [SECURITY] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up", + "url": "https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomcat-users] 20201203 [SECURITY] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up", + "url": "https://lists.apache.org/thread.html/rd5babd13d7a350b369b2f647b4dd32ce678af42f9aba5389df1ae6ca@%3Cusers.tomcat.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomcat-announce] 20201203 [SECURITY] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up", + "url": "https://lists.apache.org/thread.html/rce5ac9a40173651d540babce59f6f3825f12c6d4e886ba00823b11e5@%3Cannounce.tomcat.apache.org%3E" } ] }, diff --git a/2020/29xxx/CVE-2020-29529.json b/2020/29xxx/CVE-2020-29529.json new file mode 100644 index 00000000000..8ef3dccd231 --- /dev/null +++ b/2020/29xxx/CVE-2020-29529.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-29529", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HashiCorp go-slug before 0.5.0 does not address attempts at directory traversal involving ../ and symlinks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/hashicorp/go-slug/releases/tag/v0.5.0", + "refsource": "MISC", + "name": "https://github.com/hashicorp/go-slug/releases/tag/v0.5.0" + }, + { + "url": "https://github.com/hashicorp/go-slug/compare/v0.4.3...v0.5.0", + "refsource": "MISC", + "name": "https://github.com/hashicorp/go-slug/compare/v0.4.3...v0.5.0" + } + ] + } +} \ No newline at end of file diff --git a/2020/29xxx/CVE-2020-29530.json b/2020/29xxx/CVE-2020-29530.json new file mode 100644 index 00000000000..8bd39a99f07 --- /dev/null +++ b/2020/29xxx/CVE-2020-29530.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-29530", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/29xxx/CVE-2020-29531.json b/2020/29xxx/CVE-2020-29531.json new file mode 100644 index 00000000000..d48a7745598 --- /dev/null +++ b/2020/29xxx/CVE-2020-29531.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-29531", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/29xxx/CVE-2020-29532.json b/2020/29xxx/CVE-2020-29532.json new file mode 100644 index 00000000000..9fd4de95254 --- /dev/null +++ b/2020/29xxx/CVE-2020-29532.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-29532", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/29xxx/CVE-2020-29533.json b/2020/29xxx/CVE-2020-29533.json new file mode 100644 index 00000000000..eb02135630f --- /dev/null +++ b/2020/29xxx/CVE-2020-29533.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-29533", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/29xxx/CVE-2020-29534.json b/2020/29xxx/CVE-2020-29534.json new file mode 100644 index 00000000000..de04d732374 --- /dev/null +++ b/2020/29xxx/CVE-2020-29534.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-29534", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Linux kernel before 5.9.3. io_uring takes a non-refcounted reference to the files_struct of the process that submitted a request, causing execve() to incorrectly optimize unshare_fd(), aka CID-0f2122045b94." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2089", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2089" + }, + { + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0f2122045b946241a9e549c2a76cea54fa58a7ff", + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0f2122045b946241a9e549c2a76cea54fa58a7ff" + }, + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.3", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.3" + } + ] + } +} \ No newline at end of file