"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2021-08-27 10:00:54 +00:00 · 2021-08-27 10:00:54 +00:00 · a4bb27c109
commit a4bb27c109
parent 1a76d255eb
8 changed files with 124 additions and 7 deletions
--- a/2019/10xxx/CVE-2019-10086.json
+++ b/2019/10xxx/CVE-2019-10086.json
@ -253,6 +253,21 @@
                "url": "https://www.oracle.com//security-alerts/cpujul2021.html",
                "refsource": "MISC",
                "name": "https://www.oracle.com//security-alerts/cpujul2021.html"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[nifi-issues] 20210827 [jira] [Updated] (NIFI-9170) Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086",
+                "url": "https://lists.apache.org/thread.html/rcc029be4edaaf5b8bb85818aab494e16f312fced07a0f4a202771ba2@%3Cissues.nifi.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[nifi-issues] 20210827 [GitHub] [nifi] naddym opened a new pull request #5351: NIFI-9170 Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086",
+                "url": "https://lists.apache.org/thread.html/r46e536fc98942dce99fadd2e313aeefe90c1a769c5cd85d98df9d098@%3Cissues.nifi.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[nifi-issues] 20210827 [jira] [Created] (NIFI-9170) Upgrade commons-beanutils to 1.9.4 to mitigate CVE-2019-10086",
+                "url": "https://lists.apache.org/thread.html/rec74f3a94dd850259c730b4ba6f7b6211222b58900ec088754aa0534@%3Cissues.nifi.apache.org%3E"
            }
        ]
    },
--- a/2021/32xxx/CVE-2021-32931.json
+++ b/2021/32xxx/CVE-2021-32931.json
@ -48,6 +48,16 @@
                "refsource": "MISC",
                "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-02",
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-02"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1030/",
+                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1030/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1027/",
+                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1027/"
            }
        ]
    },
--- a/2021/32xxx/CVE-2021-32939.json
+++ b/2021/32xxx/CVE-2021-32939.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-02",
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-02"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1028/",
+                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1028/"
            }
        ]
    },
--- a/2021/32xxx/CVE-2021-32947.json
+++ b/2021/32xxx/CVE-2021-32947.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-02",
                "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-217-02"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1029/",
+                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1029/"
            }
        ]
    },
--- a/2021/35xxx/CVE-2021-35342.json
+++ b/2021/35xxx/CVE-2021-35342.json
@ -1,17 +1,66 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
-        "ID": "CVE-2021-35342",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2021-35342",
+        "STATE": "PUBLIC"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "The useradm service 1.14.0 (in Northern.tech Mender Enterprise 2.7.x before 2.7.1) and 1.13.0 (in Northern.tech Mender Enterprise 2.6.x before 2.6.1) allows users to access the system with their JWT token after logout, because of missing invalidation (if the JWT verification cache is enabled)."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://northern.tech/our-products",
+                "refsource": "MISC",
+                "name": "https://northern.tech/our-products"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://mender.io/blog/cve-2021-35342-useradm-logout-vulnerabililty",
+                "url": "https://mender.io/blog/cve-2021-35342-useradm-logout-vulnerabililty"
            }
        ]
    }
--- a/2021/37xxx/CVE-2021-37608.json
+++ b/2021/37xxx/CVE-2021-37608.json
@ -72,6 +72,16 @@
                "refsource": "MISC",
                "url": "https://ofbiz.apache.org/security.html",
                "name": "https://ofbiz.apache.org/security.html"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[ofbiz-notifications] 20210827 [jira] [Updated] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
+                "url": "https://lists.apache.org/thread.html/r8d824c1491f552da820ef181b7b2d0541410b3a8748b7906265bbb03@%3Cnotifications.ofbiz.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[ofbiz-notifications] 20210827 [jira] [Created] (OFBIZ-12307) CVE-2021-37608 vulnerability bypass",
+                "url": "https://lists.apache.org/thread.html/rca5b167748f0d04816747d68c4ceb7afff9b7b7556211793847d3382@%3Cnotifications.ofbiz.apache.org%3E"
            }
        ]
    },
--- a/2021/38xxx/CVE-2021-38758.json
+++ b/2021/38xxx/CVE-2021-38758.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Directory traversal in Online Catering Reservation System due to lack of validation in index.php."
+                "value": "Directory traversal vulnerability in Online Catering Reservation System 1.0 exists due to lack of validation in index.php."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://github.com/dumpling-soup/Online-Catering-Reservation-DT/blob/main/README.md",
                "refsource": "MISC",
                "name": "https://github.com/dumpling-soup/Online-Catering-Reservation-DT/blob/main/README.md"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38758",
+                "url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38758"
            }
        ]
    }
--- a/2021/3xxx/CVE-2021-3744.json
+++ b/2021/3xxx/CVE-2021-3744.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2021-3744",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}