mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
54078d6ac2
commit
a5c6dac746
@ -96,6 +96,11 @@
|
||||
"name": "https://github.com/xmldom/xmldom/commit/d4201b9dfbf760049f457f9f08a3888d48835135",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/xmldom/xmldom/commit/d4201b9dfbf760049f457f9f08a3888d48835135"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[debian-lts-announce] 20230101 [SECURITY] [DLA 3260-1] node-xmldom security update",
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00000.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
126
2021/4xxx/CVE-2021-4297.json
Normal file
126
2021/4xxx/CVE-2021-4297.json
Normal file
@ -0,0 +1,126 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-4297",
|
||||
"ASSIGNER": "cna@vuldb.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been found in trampgeek jobe up to 1.6.4 and classified as problematic. This vulnerability affects the function runs_post of the file application/controllers/Restapi.php. The manipulation of the argument sourcefilename leads to an unknown weakness. Upgrading to version 1.6.5 is able to address this issue. The name of the patch is 694da5013dbecc8d30dd83e2a83e78faadf93771. It is recommended to upgrade the affected component. VDB-217174 is the identifier assigned to this vulnerability."
|
||||
},
|
||||
{
|
||||
"lang": "deu",
|
||||
"value": "In trampgeek jobe bis 1.6.4 wurde eine problematische Schwachstelle gefunden. Hierbei betrifft es die Funktion runs_post der Datei application/controllers/Restapi.php. Dank Manipulation des Arguments sourcefilename mit unbekannten Daten kann eine unbekannte Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 1.6.5 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 694da5013dbecc8d30dd83e2a83e78faadf93771 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Privilege Escalation"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "trampgeek",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "jobe",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "1.6.0",
|
||||
"version_affected": "="
|
||||
},
|
||||
{
|
||||
"version_value": "1.6.1",
|
||||
"version_affected": "="
|
||||
},
|
||||
{
|
||||
"version_value": "1.6.2",
|
||||
"version_affected": "="
|
||||
},
|
||||
{
|
||||
"version_value": "1.6.3",
|
||||
"version_affected": "="
|
||||
},
|
||||
{
|
||||
"version_value": "1.6.4",
|
||||
"version_affected": "="
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://vuldb.com/?id.217174",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.217174"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?ctiid.217174",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?ctiid.217174"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/trampgeek/jobe/issues/46",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/trampgeek/jobe/issues/46"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/trampgeek/jobe/commit/694da5013dbecc8d30dd83e2a83e78faadf93771",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/trampgeek/jobe/commit/694da5013dbecc8d30dd83e2a83e78faadf93771"
|
||||
}
|
||||
]
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "VulDB GitHub Commit Analyzer"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"baseScore": 5.5,
|
||||
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
{
|
||||
"version": "3.0",
|
||||
"baseScore": 5.5,
|
||||
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
{
|
||||
"version": "2.0",
|
||||
"baseScore": 4.9,
|
||||
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
@ -95,6 +95,11 @@
|
||||
"name": "https://github.com/jindw/xmldom/issues/150",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/jindw/xmldom/issues/150"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[debian-lts-announce] 20230101 [SECURITY] [DLA 3260-1] node-xmldom security update",
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00000.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user