diff --git a/2019/9xxx/CVE-2019-9376.json b/2019/9xxx/CVE-2019-9376.json index d703c75e815..28397a34d15 100644 --- a/2019/9xxx/CVE-2019-9376.json +++ b/2019/9xxx/CVE-2019-9376.json @@ -19,7 +19,13 @@ "version": { "version_data": [ { - "version_value": "Android-10" + "version_value": "Android-9" + }, + { + "version_value": "Android-8.0" + }, + { + "version_value": "Android-8.1" } ] } @@ -45,9 +51,9 @@ "references": { "reference_data": [ { - "refsource": "MISC", - "name": "https://source.android.com/security/bulletin/android-10", - "url": "https://source.android.com/security/bulletin/android-10" + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" } ] }, @@ -55,7 +61,7 @@ "description_data": [ { "lang": "eng", - "value": "In the Accounts package, there is a possible crash due to improper input validation. This could lead to permanent local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129287265" + "value": "In Account of Account.java, there is a possible boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android; Versions: Android-9, Android-8.0, Android-8.1; Android ID: A-129287265." } ] } diff --git a/2020/0xxx/CVE-2020-0471.json b/2020/0xxx/CVE-2020-0471.json new file mode 100644 index 00000000000..7ff9fba40a4 --- /dev/null +++ b/2020/0xxx/CVE-2020-0471.json @@ -0,0 +1,74 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0471", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.0" + }, + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-9" + }, + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In reassemble_and_dispatch of packet_fragmenter.cc, there is a possible way to inject packets into an encrypted Bluetooth connection due to improper input validation. This could lead to remote escalation of privilege between two Bluetooth devices by a proximal attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.0, Android-8.1, Android-9, Android-10, Android-11; Android ID: A-169327567." + } + ] + } +} \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13559.json b/2020/13xxx/CVE-2020-13559.json index 3eca7beb7a1..b9f8a104c27 100644 --- a/2020/13xxx/CVE-2020-13559.json +++ b/2020/13xxx/CVE-2020-13559.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13559", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "FreyrSCADA", + "version": { + "version_data": [ + { + "version_value": "IEC-60879-5-104 Server Simulator 21.04.028" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1174", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1174" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC-60879-5-104 Server Simulator 21.04.028. A specially crafted packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability." } ] } diff --git a/2020/16xxx/CVE-2020-16146.json b/2020/16xxx/CVE-2020-16146.json index dca82a432f3..087c2f32ea1 100644 --- a/2020/16xxx/CVE-2020-16146.json +++ b/2020/16xxx/CVE-2020-16146.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-16146", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-16146", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btc_blufi_recv_handler function in blufi_prf.c. An attacker can send a crafted BluFi protocol Write Attribute command to characteristic 0xFF01. With manipulated packet fields, there is a buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/espressif/esp-idf", + "refsource": "MISC", + "name": "https://github.com/espressif/esp-idf" + }, + { + "refsource": "MISC", + "name": "https://github.com/pokerfacett/MY_CVE_CREDIT/blob/master/CVE-2020-16146.md", + "url": "https://github.com/pokerfacett/MY_CVE_CREDIT/blob/master/CVE-2020-16146.md" } ] } diff --git a/2020/17xxx/CVE-2020-17518.json b/2020/17xxx/CVE-2020-17518.json index e3cc4ea493d..27d807a03cd 100644 --- a/2020/17xxx/CVE-2020-17518.json +++ b/2020/17xxx/CVE-2020-17518.json @@ -118,6 +118,11 @@ "refsource": "MLIST", "name": "[flink-issues] 20210107 [jira] [Commented] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10", "url": "https://lists.apache.org/thread.html/r5444acac3407ef6397d6aef1b5aec2db53b4b88ef221e63084c1e5f2@%3Cissues.flink.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[flink-issues] 20210112 [jira] [Commented] (FLINK-20875) Could patch CVE-2020-17518 to version 1.10", + "url": "https://lists.apache.org/thread.html/r710693b0d3b229c81f485804ea1145b4edda79c9e77d66c39a0a2ff1@%3Cissues.flink.apache.org%3E" } ] }, diff --git a/2020/23xxx/CVE-2020-23631.json b/2020/23xxx/CVE-2020-23631.json index e896b002328..00298afc3d1 100644 --- a/2020/23xxx/CVE-2020-23631.json +++ b/2020/23xxx/CVE-2020-23631.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23631", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23631", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site request forgery (CSRF) in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via the tongji parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/shadoweb/wdja/issues/11", + "refsource": "MISC", + "name": "https://github.com/shadoweb/wdja/issues/11" + }, + { + "url": "https://www.cnblogs.com/wayne-tao/p/13110663.html", + "refsource": "MISC", + "name": "https://www.cnblogs.com/wayne-tao/p/13110663.html" } ] } diff --git a/2020/24xxx/CVE-2020-24025.json b/2020/24xxx/CVE-2020-24025.json index ee3f7a088fe..4d4f4060058 100644 --- a/2020/24xxx/CVE-2020-24025.json +++ b/2020/24xxx/CVE-2020-24025.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24025", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24025", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/sass/node-sass/pull/567#issuecomment-656609236", + "refsource": "MISC", + "name": "https://github.com/sass/node-sass/pull/567#issuecomment-656609236" } ] } diff --git a/2020/24xxx/CVE-2020-24027.json b/2020/24xxx/CVE-2020-24027.json index 5d774f42093..228d12a6af6 100644 --- a/2020/24xxx/CVE-2020-24027.json +++ b/2020/24xxx/CVE-2020-24027.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24027", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24027", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP \"PLAY\" command, when the command specifies seeking by absolute time." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.live555.com/liveMedia/public/changelog.txt", + "refsource": "MISC", + "name": "http://www.live555.com/liveMedia/public/changelog.txt" + }, + { + "url": "http://lists.live555.com/pipermail/live-devel/2020-July/021662.html", + "refsource": "MISC", + "name": "http://lists.live555.com/pipermail/live-devel/2020-July/021662.html" } ] } diff --git a/2020/24xxx/CVE-2020-24700.json b/2020/24xxx/CVE-2020-24700.json index 529609f99be..3bc8ab9c1ac 100644 --- a/2020/24xxx/CVE-2020-24700.json +++ b/2020/24xxx/CVE-2020-24700.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24700", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24700", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OX App Suite through 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names with an initial autoconfig. substring." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.open-xchange.com", + "refsource": "MISC", + "name": "https://www.open-xchange.com" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/160853/OX-App-Suite-OX-Documents-7.10.x-XSS-SSRF.html", + "url": "http://packetstormsecurity.com/files/160853/OX-App-Suite-OX-Documents-7.10.x-XSS-SSRF.html" } ] } diff --git a/2020/24xxx/CVE-2020-24701.json b/2020/24xxx/CVE-2020-24701.json index 89f8fb24dbb..9b0a5db6895 100644 --- a/2020/24xxx/CVE-2020-24701.json +++ b/2020/24xxx/CVE-2020-24701.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24701", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24701", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OX App Suite through 7.10.4 allows XSS via the app loading mechanism (the PATH_INFO to the /appsuite URI)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.open-xchange.com", + "refsource": "MISC", + "name": "https://www.open-xchange.com" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/160853/OX-App-Suite-OX-Documents-7.10.x-XSS-SSRF.html", + "url": "http://packetstormsecurity.com/files/160853/OX-App-Suite-OX-Documents-7.10.x-XSS-SSRF.html" } ] } diff --git a/2020/26xxx/CVE-2020-26050.json b/2020/26xxx/CVE-2020-26050.json index 7af28f9cb80..42ac369af6f 100644 --- a/2020/26xxx/CVE-2020-26050.json +++ b/2020/26xxx/CVE-2020-26050.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-26050", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-26050", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SaferVPN for Windows Ver 5.0.3.3 through 5.0.4.15 could allow local privilege escalation from low privileged users to SYSTEM via a crafted openssl configuration file. This issue is similar to CVE-2019-12572." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://vimeo.com/459654003", + "refsource": "MISC", + "name": "https://vimeo.com/459654003" + }, + { + "refsource": "MISC", + "name": "https://thebinary0x1.medium.com/cve-2020-26050-safervpn-for-windows-local-privilege-escalation-da069bb1373c", + "url": "https://thebinary0x1.medium.com/cve-2020-26050-safervpn-for-windows-local-privilege-escalation-da069bb1373c" } ] } diff --git a/2020/26xxx/CVE-2020-26118.json b/2020/26xxx/CVE-2020-26118.json index 04a2eac0a71..ed07517d03d 100644 --- a/2020/26xxx/CVE-2020-26118.json +++ b/2020/26xxx/CVE-2020-26118.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "In SmartBear Collaborator Server through 13.1.13100, use of the Google Web Toolkit (GWT) API introduces a post-authentication Java deserialization vulnerability. The application accepts a serialized Java object directly from the user without properly sanitizing it. A malicious object can be submitted to the server via an authenticated attacker to execute commands on the underlying system." + "value": "In SmartBear Collaborator Server through 13.3.13302, use of the Google Web Toolkit (GWT) API introduces a post-authentication Java deserialization vulnerability. The application's UpdateMemento class accepts a serialized Java object directly from the user without properly sanitizing it. A malicious object can be submitted to the server via an authenticated attacker to execute commands on the underlying system." } ] }, @@ -61,6 +61,11 @@ "refsource": "CONFIRM", "name": "https://support.smartbear.com/collaborator/docs/general-info/version-history/ver-13/ver-13-0.html", "url": "https://support.smartbear.com/collaborator/docs/general-info/version-history/ver-13/ver-13-0.html" + }, + { + "refsource": "MISC", + "name": "https://support.smartbear.com/collaborator/docs/general-info/whats-new.html", + "url": "https://support.smartbear.com/collaborator/docs/general-info/whats-new.html" } ] }, diff --git a/2020/26xxx/CVE-2020-26298.json b/2020/26xxx/CVE-2020-26298.json index c1f02bedb16..1cae93d8797 100644 --- a/2020/26xxx/CVE-2020-26298.json +++ b/2020/26xxx/CVE-2020-26298.json @@ -1,18 +1,109 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-26298", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Injection in Redcarpet" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "redcarpet", + "version": { + "version_data": [ + { + "version_value": "< 3.5.1" + } + ] + } + } + ] + }, + "vendor_name": "vmg" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the `:escape_html` option was being used. This is fixed in version 3.5.1 by the referenced commit." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/advisories/GHSA-q3wr-qw3g-3p4h", + "refsource": "CONFIRM", + "url": "https://github.com/advisories/GHSA-q3wr-qw3g-3p4h" + }, + { + "name": "https://github.com/vmg/redcarpet/commit/a699c82292b17c8e6a62e1914d5eccc252272793", + "refsource": "MISC", + "url": "https://github.com/vmg/redcarpet/commit/a699c82292b17c8e6a62e1914d5eccc252272793" + }, + { + "name": "https://rubygems.org/gems/redcarpet", + "refsource": "MISC", + "url": "https://rubygems.org/gems/redcarpet" + }, + { + "name": "https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md#version-351-security", + "refsource": "MISC", + "url": "https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md#version-351-security" + } + ] + }, + "source": { + "advisory": "GHSA-q3wr-qw3g-3p4h", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27059.json b/2020/27xxx/CVE-2020-27059.json index 4036cb81978..f56a66134db 100644 --- a/2020/27xxx/CVE-2020-27059.json +++ b/2020/27xxx/CVE-2020-27059.json @@ -4,14 +4,67 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-27059", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.0" + }, + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-9" + }, + { + "version_value": "Android-10 and 11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/pixel/2021-01-01", + "url": "https://source.android.com/security/bulletin/pixel/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In onAuthenticated of AuthenticationClient.java, there is a possible tapjacking attack when requesting the user's fingerprint due to an overlaid window. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.0, Android-8.1, Android-9, Android-10, 11; Android ID: A-159249069." } ] } diff --git a/2020/27xxx/CVE-2020-27637.json b/2020/27xxx/CVE-2020-27637.json index 3b609496e1b..6436c669978 100644 --- a/2020/27xxx/CVE-2020-27637.json +++ b/2020/27xxx/CVE-2020-27637.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-27637", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-27637", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The R programming language\u2019s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the install.packages() function from the interpreter. Update to version 4.0.3" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.r-project.org/foundation/", + "refsource": "MISC", + "name": "https://www.r-project.org/foundation/" + }, + { + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories/cran-version-4.0.2", + "url": "https://labs.bishopfox.com/advisories/cran-version-4.0.2" } ] } diff --git a/2020/35xxx/CVE-2020-35653.json b/2020/35xxx/CVE-2020-35653.json index f337dc7366c..7f16c9f0160 100644 --- a/2020/35xxx/CVE-2020-35653.json +++ b/2020/35xxx/CVE-2020-35653.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-35653", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-35653", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://pillow.readthedocs.io/en/stable/releasenotes/index.html", + "refsource": "MISC", + "name": "https://pillow.readthedocs.io/en/stable/releasenotes/index.html" } ] } diff --git a/2020/35xxx/CVE-2020-35654.json b/2020/35xxx/CVE-2020-35654.json index 00dc40b83aa..65bb8f4a5ee 100644 --- a/2020/35xxx/CVE-2020-35654.json +++ b/2020/35xxx/CVE-2020-35654.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-35654", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-35654", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://pillow.readthedocs.io/en/stable/releasenotes/index.html", + "refsource": "MISC", + "name": "https://pillow.readthedocs.io/en/stable/releasenotes/index.html" } ] } diff --git a/2020/35xxx/CVE-2020-35655.json b/2020/35xxx/CVE-2020-35655.json index b9f0b6bfcab..4d1325778a6 100644 --- a/2020/35xxx/CVE-2020-35655.json +++ b/2020/35xxx/CVE-2020-35655.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-35655", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-35655", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://pillow.readthedocs.io/en/stable/releasenotes/index.html", + "refsource": "MISC", + "name": "https://pillow.readthedocs.io/en/stable/releasenotes/index.html" } ] } diff --git a/2020/4xxx/CVE-2020-4869.json b/2020/4xxx/CVE-2020-4869.json index ad0eed6e254..b16223aa424 100644 --- a/2020/4xxx/CVE-2020-4869.json +++ b/2020/4xxx/CVE-2020-4869.json @@ -1,18 +1,93 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Denial of Service", + "lang": "eng" + } + ] + } + ] + }, "CVE_data_meta": { - "ID": "CVE-2020-4869", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "DATE_PUBLIC": "2021-01-08T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2020-4869" + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "MQ Appliance", + "version": { + "version_data": [ + { + "version_value": "9.2.0.0" + }, + { + "version_value": "9.2.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/pages/node/6398791", + "url": "https://www.ibm.com/support/pages/node/6398791", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6398791 (MQ Appliance)" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/190831", + "refsource": "XF", + "name": "ibm-mq-cve20204869-dos (190831)", + "title": "X-Force Vulnerability Report" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of service, caused by a buffer overflow. A remote attacker could send a specially crafted SNMP query to cause the appliance to reload. IBM X-Force ID: 190831." } ] - } + }, + "data_format": "MITRE", + "impact": { + "cvssv3": { + "BM": { + "SCORE": "5.300", + "AC": "H", + "I": "N", + "AV": "N", + "C": "N", + "UI": "N", + "PR": "L", + "S": "U", + "A": "H" + }, + "TM": { + "RC": "C", + "E": "U", + "RL": "O" + } + } + }, + "data_version": "4.0" } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0301.json b/2021/0xxx/CVE-2021-0301.json index e843b22c970..04197d6ce1a 100644 --- a/2021/0xxx/CVE-2021-0301.json +++ b/2021/0xxx/CVE-2021-0301.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0301", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android SoC" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android SoC; Android ID: A-172514667." } ] } diff --git a/2021/0xxx/CVE-2021-0303.json b/2021/0xxx/CVE-2021-0303.json index 0580839a619..2532cac3ece 100644 --- a/2021/0xxx/CVE-2021-0303.json +++ b/2021/0xxx/CVE-2021-0303.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0303", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In dispatchGraphTerminationMessage() of packages/services/Car/computepipe/runner/graph/StreamSetObserver.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Android ID: A-170407229." } ] } diff --git a/2021/0xxx/CVE-2021-0304.json b/2021/0xxx/CVE-2021-0304.json index 9ff0c8db03f..b3f74aa4267 100644 --- a/2021/0xxx/CVE-2021-0304.json +++ b/2021/0xxx/CVE-2021-0304.json @@ -4,14 +4,67 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0304", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + }, + { + "version_value": "Android-8.0" + }, + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In several functions of GlobalScreenshot.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of the user's contacts with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-8.0, Android-8.1, Android-9; Android ID: A-162738636." } ] } diff --git a/2021/0xxx/CVE-2021-0306.json b/2021/0xxx/CVE-2021-0306.json index a5e67949c42..5d39a5b3bf0 100644 --- a/2021/0xxx/CVE-2021-0306.json +++ b/2021/0xxx/CVE-2021-0306.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0306", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-11" + }, + { + "version_value": "Android-8.0" + }, + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-9" + }, + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the android.permission.ACTIVITY_RECOGNITION permission without user confirmation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11, Android-8.0, Android-8.1, Android-9, Android-10; Android ID: A-154505240." } ] } diff --git a/2021/0xxx/CVE-2021-0307.json b/2021/0xxx/CVE-2021-0307.json index 918bfa2b7d7..8feafef07e3 100644 --- a/2021/0xxx/CVE-2021-0307.json +++ b/2021/0xxx/CVE-2021-0307.json @@ -4,14 +4,61 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0307", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In updatePermissionSourcePackage of PermissionManagerService.java, there is a possible automatic runtime permission grant due to a confused deputy. This could lead to local escalation of privilege allowing a malicious app to silently gain access to a dangerous permission with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Android ID: A-155648771." } ] } diff --git a/2021/0xxx/CVE-2021-0308.json b/2021/0xxx/CVE-2021-0308.json index 2297ad85ba1..d2f6a21a44e 100644 --- a/2021/0xxx/CVE-2021-0308.json +++ b/2021/0xxx/CVE-2021-0308.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0308", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-9" + }, + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + }, + { + "version_value": "Android-8.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095." } ] } diff --git a/2021/0xxx/CVE-2021-0309.json b/2021/0xxx/CVE-2021-0309.json index 2455947db7b..c5b189fac85 100644 --- a/2021/0xxx/CVE-2021-0309.json +++ b/2021/0xxx/CVE-2021-0309.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0309", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-9" + }, + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + }, + { + "version_value": "Android-8.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In onCreate of grantCredentialsPermissionActivity, there is a confused deputy. This could lead to local information disclosure and account access with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158480899." } ] } diff --git a/2021/0xxx/CVE-2021-0310.json b/2021/0xxx/CVE-2021-0310.json index d0f8fb403bc..528e5643615 100644 --- a/2021/0xxx/CVE-2021-0310.json +++ b/2021/0xxx/CVE-2021-0310.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0310", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In LazyServiceRegistrar of LazyServiceRegistrar.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Android ID: A-170212632." } ] } diff --git a/2021/0xxx/CVE-2021-0311.json b/2021/0xxx/CVE-2021-0311.json index 735ba5284a5..444e5652437 100644 --- a/2021/0xxx/CVE-2021-0311.json +++ b/2021/0xxx/CVE-2021-0311.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0311", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-9" + }, + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + }, + { + "version_value": "Android-8.0" + }, + { + "version_value": "Android-8.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ElementaryStreamQueue::dequeueAccessUnitH264() of ESQueue.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11, Android-8.0, Android-8.1; Android ID: A-170240631." } ] } diff --git a/2021/0xxx/CVE-2021-0312.json b/2021/0xxx/CVE-2021-0312.json index 5769ec812bf..39c717144e6 100644 --- a/2021/0xxx/CVE-2021-0312.json +++ b/2021/0xxx/CVE-2021-0312.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0312", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-9" + }, + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + }, + { + "version_value": "Android-8.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In WAVSource::read of WAVExtractor.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-170583712." } ] } diff --git a/2021/0xxx/CVE-2021-0313.json b/2021/0xxx/CVE-2021-0313.json index 83a2121a718..1fab05392c2 100644 --- a/2021/0xxx/CVE-2021-0313.json +++ b/2021/0xxx/CVE-2021-0313.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0313", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-9" + }, + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + }, + { + "version_value": "Android-8.0" + }, + { + "version_value": "Android-8.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11, Android-8.0, Android-8.1; Android ID: A-170968514." } ] } diff --git a/2021/0xxx/CVE-2021-0315.json b/2021/0xxx/CVE-2021-0315.json index 4c50216fcd2..729aaba9b3a 100644 --- a/2021/0xxx/CVE-2021-0315.json +++ b/2021/0xxx/CVE-2021-0315.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0315", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-9" + }, + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + }, + { + "version_value": "Android-8.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the user to grant an app access to an account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-169763814." } ] } diff --git a/2021/0xxx/CVE-2021-0316.json b/2021/0xxx/CVE-2021-0316.json index c1006b1bbe4..d4379ffcd49 100644 --- a/2021/0xxx/CVE-2021-0316.json +++ b/2021/0xxx/CVE-2021-0316.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0316", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-11" + }, + { + "version_value": "Android-8.0" + }, + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-9" + }, + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11, Android-8.0, Android-8.1, Android-9, Android-10; Android ID: A-168802990." } ] } diff --git a/2021/0xxx/CVE-2021-0317.json b/2021/0xxx/CVE-2021-0317.json index 990ecd99213..3c4c085f2fc 100644 --- a/2021/0xxx/CVE-2021-0317.json +++ b/2021/0xxx/CVE-2021-0317.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0317", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + }, + { + "version_value": "Android-8.0" + }, + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In createOrUpdate of Permission.java and related code, there is possible permission escalation due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10, Android-11, Android-8.0, Android-8.1, Android-9; Android ID: A-168319670." } ] } diff --git a/2021/0xxx/CVE-2021-0318.json b/2021/0xxx/CVE-2021-0318.json index 43a877ed232..d09eef1a0b2 100644 --- a/2021/0xxx/CVE-2021-0318.json +++ b/2021/0xxx/CVE-2021-0318.json @@ -4,14 +4,67 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0318", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-9" + }, + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In appendEventsToCacheLocked of SensorEventConnection.cpp, there is a possible out of bounds write due to a use-after-free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-8.1, Android-10, Android-11; Android ID: A-168211968." } ] } diff --git a/2021/0xxx/CVE-2021-0319.json b/2021/0xxx/CVE-2021-0319.json index 2526c829e2f..c68d1e4508d 100644 --- a/2021/0xxx/CVE-2021-0319.json +++ b/2021/0xxx/CVE-2021-0319.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0319", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.0" + }, + { + "version_value": "Android-8.1" + }, + { + "version_value": "Android-9" + }, + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there is a possible way to get a nearby Bluetooth device's MAC address without appropriate permissions due to a permissions bypass. This could lead to local escalation of privilege that grants access to nearby MAC addresses, with User execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.0, Android-8.1, Android-9, Android-10, Android-11; Android ID: A-167244818." } ] } diff --git a/2021/0xxx/CVE-2021-0320.json b/2021/0xxx/CVE-2021-0320.json index 7bd92f7a491..21b7957dd10 100644 --- a/2021/0xxx/CVE-2021-0320.json +++ b/2021/0xxx/CVE-2021-0320.json @@ -4,14 +4,61 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0320", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In is_device_locked and set_device_locked of keystore_keymaster_enforcement.h, there is a possible bypass of lockscreen requirements for keyguard bound keys due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Android ID: A-169933423." } ] } diff --git a/2021/0xxx/CVE-2021-0321.json b/2021/0xxx/CVE-2021-0321.json index 8a99d1425e0..9aa014d01f0 100644 --- a/2021/0xxx/CVE-2021-0321.json +++ b/2021/0xxx/CVE-2021-0321.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0321", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In enforceDumpPermissionForPackage of ActivityManagerService.java, there is a possible way to determine if a package is installed due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Android ID: A-166667403." } ] } diff --git a/2021/0xxx/CVE-2021-0322.json b/2021/0xxx/CVE-2021-0322.json index 6e0493dfc3f..316807ca1dd 100644 --- a/2021/0xxx/CVE-2021-0322.json +++ b/2021/0xxx/CVE-2021-0322.json @@ -4,14 +4,64 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0322", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + }, + { + "version_value": "Android-11" + }, + { + "version_value": "Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2021-01-01", + "url": "https://source.android.com/security/bulletin/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In onCreate of SlicePermissionActivity.java, there is a possible misleading string displayed due to improper input validation. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: Android; Versions: Android-10, Android-11, Android-9; Android ID: A-159145361." } ] } diff --git a/2021/0xxx/CVE-2021-0342.json b/2021/0xxx/CVE-2021-0342.json index d3ff0e3958f..ccc54af6e4d 100644 --- a/2021/0xxx/CVE-2021-0342.json +++ b/2021/0xxx/CVE-2021-0342.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0342", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android kernel" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/pixel/2021-01-01", + "url": "https://source.android.com/security/bulletin/pixel/2021-01-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel; Android ID: A-146554327." } ] } diff --git a/2021/21xxx/CVE-2021-21241.json b/2021/21xxx/CVE-2021-21241.json index 94c5918ee67..91d54103363 100644 --- a/2021/21xxx/CVE-2021-21241.json +++ b/2021/21xxx/CVE-2021-21241.json @@ -1,18 +1,108 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-21241", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "CSRF can expose users authentication token in Flask-Security-Too" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "flask-security-too", + "version": { + "version_data": [ + { + "version_value": ">= 3.3.0, < 3.4.5" + } + ] + } + } + ] + }, + "vendor_name": "Flask-Middleware" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Python \"Flask-Security-Too\" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before version 3.4.5, the /login and /change endpoints can return the authenticated user's authentication token in response to a GET request. Since GET requests aren't protected with a CSRF token, this could lead to a malicious 3rd party site acquiring the authentication token. Version 3.4.5 and version 4.0.0 are patched. As a workaround, if you aren't using authentication tokens - you can set the SECURITY_TOKEN_MAX_AGE to \"0\" (seconds) which should make the token unusable." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.4, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-hh7m-rx4f-4vpv", + "refsource": "CONFIRM", + "url": "https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-hh7m-rx4f-4vpv" + }, + { + "name": "https://github.com/Flask-Middleware/flask-security/pull/422", + "refsource": "MISC", + "url": "https://github.com/Flask-Middleware/flask-security/pull/422" + }, + { + "name": "https://github.com/Flask-Middleware/flask-security/commit/61d313150b5f620d0b800896c4f2199005e84b1f", + "refsource": "MISC", + "url": "https://github.com/Flask-Middleware/flask-security/commit/61d313150b5f620d0b800896c4f2199005e84b1f" + }, + { + "name": "https://github.com/Flask-Middleware/flask-security/commit/6d50ee9169acf813257c37b75babe9c28e83542a", + "refsource": "MISC", + "url": "https://github.com/Flask-Middleware/flask-security/commit/6d50ee9169acf813257c37b75babe9c28e83542a" + }, + { + "name": "https://github.com/Flask-Middleware/flask-security/releases/tag/3.4.5", + "refsource": "MISC", + "url": "https://github.com/Flask-Middleware/flask-security/releases/tag/3.4.5" + }, + { + "name": "https://pypi.org/project/Flask-Security-Too", + "refsource": "MISC", + "url": "https://pypi.org/project/Flask-Security-Too" + } + ] + }, + "source": { + "advisory": "GHSA-hh7m-rx4f-4vpv", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23239.json b/2021/23xxx/CVE-2021-23239.json index 3b4fed58c88..28ff676ae5a 100644 --- a/2021/23xxx/CVE-2021-23239.json +++ b/2021/23xxx/CVE-2021-23239.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-23239", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-23239", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2021-23239", + "refsource": "MISC", + "name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2021-23239" + }, + { + "refsource": "CONFIRM", + "name": "https://www.sudo.ws/stable.html#1.9.5", + "url": "https://www.sudo.ws/stable.html#1.9.5" } ] } diff --git a/2021/23xxx/CVE-2021-23240.json b/2021/23xxx/CVE-2021-23240.json index c555cd8f6bc..b1b79f22daf 100644 --- a/2021/23xxx/CVE-2021-23240.json +++ b/2021/23xxx/CVE-2021-23240.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-23240", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-23240", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2021-23240", + "refsource": "MISC", + "name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2021-23240" + }, + { + "refsource": "CONFIRM", + "name": "https://www.sudo.ws/stable.html#1.9.5", + "url": "https://www.sudo.ws/stable.html#1.9.5" } ] } diff --git a/2021/23xxx/CVE-2021-23835.json b/2021/23xxx/CVE-2021-23835.json new file mode 100644 index 00000000000..797477ffa71 --- /dev/null +++ b/2021/23xxx/CVE-2021-23835.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23835", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23836.json b/2021/23xxx/CVE-2021-23836.json new file mode 100644 index 00000000000..815fed2d0bd --- /dev/null +++ b/2021/23xxx/CVE-2021-23836.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23836", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23837.json b/2021/23xxx/CVE-2021-23837.json new file mode 100644 index 00000000000..ea20267ea50 --- /dev/null +++ b/2021/23xxx/CVE-2021-23837.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23837", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23838.json b/2021/23xxx/CVE-2021-23838.json new file mode 100644 index 00000000000..c0128d4ba15 --- /dev/null +++ b/2021/23xxx/CVE-2021-23838.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23838", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23839.json b/2021/23xxx/CVE-2021-23839.json new file mode 100644 index 00000000000..8f9bbbc91cd --- /dev/null +++ b/2021/23xxx/CVE-2021-23839.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23839", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23840.json b/2021/23xxx/CVE-2021-23840.json new file mode 100644 index 00000000000..51e7fcfafdc --- /dev/null +++ b/2021/23xxx/CVE-2021-23840.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23840", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23841.json b/2021/23xxx/CVE-2021-23841.json new file mode 100644 index 00000000000..c4145d21ec8 --- /dev/null +++ b/2021/23xxx/CVE-2021-23841.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23841", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23842.json b/2021/23xxx/CVE-2021-23842.json new file mode 100644 index 00000000000..df418ed6d82 --- /dev/null +++ b/2021/23xxx/CVE-2021-23842.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23842", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23843.json b/2021/23xxx/CVE-2021-23843.json new file mode 100644 index 00000000000..6c6290a5b21 --- /dev/null +++ b/2021/23xxx/CVE-2021-23843.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23843", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23844.json b/2021/23xxx/CVE-2021-23844.json new file mode 100644 index 00000000000..4acc59c0711 --- /dev/null +++ b/2021/23xxx/CVE-2021-23844.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23844", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23845.json b/2021/23xxx/CVE-2021-23845.json new file mode 100644 index 00000000000..13bc7ee8356 --- /dev/null +++ b/2021/23xxx/CVE-2021-23845.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23845", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23846.json b/2021/23xxx/CVE-2021-23846.json new file mode 100644 index 00000000000..20c7fd7fb0d --- /dev/null +++ b/2021/23xxx/CVE-2021-23846.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23846", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23847.json b/2021/23xxx/CVE-2021-23847.json new file mode 100644 index 00000000000..06905968a63 --- /dev/null +++ b/2021/23xxx/CVE-2021-23847.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23847", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23848.json b/2021/23xxx/CVE-2021-23848.json new file mode 100644 index 00000000000..97e51d54653 --- /dev/null +++ b/2021/23xxx/CVE-2021-23848.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23848", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23849.json b/2021/23xxx/CVE-2021-23849.json new file mode 100644 index 00000000000..35650cc3a9b --- /dev/null +++ b/2021/23xxx/CVE-2021-23849.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23849", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23850.json b/2021/23xxx/CVE-2021-23850.json new file mode 100644 index 00000000000..494670b918e --- /dev/null +++ b/2021/23xxx/CVE-2021-23850.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23850", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23851.json b/2021/23xxx/CVE-2021-23851.json new file mode 100644 index 00000000000..ce0e1159fe7 --- /dev/null +++ b/2021/23xxx/CVE-2021-23851.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23851", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23852.json b/2021/23xxx/CVE-2021-23852.json new file mode 100644 index 00000000000..4b8788e1078 --- /dev/null +++ b/2021/23xxx/CVE-2021-23852.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23852", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23853.json b/2021/23xxx/CVE-2021-23853.json new file mode 100644 index 00000000000..270cb811aba --- /dev/null +++ b/2021/23xxx/CVE-2021-23853.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23853", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23854.json b/2021/23xxx/CVE-2021-23854.json new file mode 100644 index 00000000000..5582ebaa86d --- /dev/null +++ b/2021/23xxx/CVE-2021-23854.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23854", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23855.json b/2021/23xxx/CVE-2021-23855.json new file mode 100644 index 00000000000..a788af3cf37 --- /dev/null +++ b/2021/23xxx/CVE-2021-23855.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23855", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23856.json b/2021/23xxx/CVE-2021-23856.json new file mode 100644 index 00000000000..29d12855a5c --- /dev/null +++ b/2021/23xxx/CVE-2021-23856.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23856", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23857.json b/2021/23xxx/CVE-2021-23857.json new file mode 100644 index 00000000000..6dd890dad5b --- /dev/null +++ b/2021/23xxx/CVE-2021-23857.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23857", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23858.json b/2021/23xxx/CVE-2021-23858.json new file mode 100644 index 00000000000..6e1dd4116a1 --- /dev/null +++ b/2021/23xxx/CVE-2021-23858.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23858", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23859.json b/2021/23xxx/CVE-2021-23859.json new file mode 100644 index 00000000000..b4beb708d76 --- /dev/null +++ b/2021/23xxx/CVE-2021-23859.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23859", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23860.json b/2021/23xxx/CVE-2021-23860.json new file mode 100644 index 00000000000..b7003d79367 --- /dev/null +++ b/2021/23xxx/CVE-2021-23860.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23860", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23861.json b/2021/23xxx/CVE-2021-23861.json new file mode 100644 index 00000000000..411bf92f145 --- /dev/null +++ b/2021/23xxx/CVE-2021-23861.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23861", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23862.json b/2021/23xxx/CVE-2021-23862.json new file mode 100644 index 00000000000..75c50ee1fae --- /dev/null +++ b/2021/23xxx/CVE-2021-23862.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23862", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23863.json b/2021/23xxx/CVE-2021-23863.json new file mode 100644 index 00000000000..6fbc3c7e2c4 --- /dev/null +++ b/2021/23xxx/CVE-2021-23863.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23863", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23864.json b/2021/23xxx/CVE-2021-23864.json new file mode 100644 index 00000000000..071fe4ce4a0 --- /dev/null +++ b/2021/23xxx/CVE-2021-23864.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23864", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23865.json b/2021/23xxx/CVE-2021-23865.json new file mode 100644 index 00000000000..2cb14a1fc66 --- /dev/null +++ b/2021/23xxx/CVE-2021-23865.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23865", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23866.json b/2021/23xxx/CVE-2021-23866.json new file mode 100644 index 00000000000..a3874b7e755 --- /dev/null +++ b/2021/23xxx/CVE-2021-23866.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23866", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23867.json b/2021/23xxx/CVE-2021-23867.json new file mode 100644 index 00000000000..0ad917918a5 --- /dev/null +++ b/2021/23xxx/CVE-2021-23867.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23867", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23868.json b/2021/23xxx/CVE-2021-23868.json new file mode 100644 index 00000000000..cc7d74034bc --- /dev/null +++ b/2021/23xxx/CVE-2021-23868.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23868", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23869.json b/2021/23xxx/CVE-2021-23869.json new file mode 100644 index 00000000000..456484996cf --- /dev/null +++ b/2021/23xxx/CVE-2021-23869.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23869", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23870.json b/2021/23xxx/CVE-2021-23870.json new file mode 100644 index 00000000000..a023bb12602 --- /dev/null +++ b/2021/23xxx/CVE-2021-23870.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23870", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23871.json b/2021/23xxx/CVE-2021-23871.json new file mode 100644 index 00000000000..18e1bf61195 --- /dev/null +++ b/2021/23xxx/CVE-2021-23871.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23871", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23872.json b/2021/23xxx/CVE-2021-23872.json new file mode 100644 index 00000000000..e05b418d0ae --- /dev/null +++ b/2021/23xxx/CVE-2021-23872.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23872", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23873.json b/2021/23xxx/CVE-2021-23873.json new file mode 100644 index 00000000000..7f4662a15f7 --- /dev/null +++ b/2021/23xxx/CVE-2021-23873.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23873", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23874.json b/2021/23xxx/CVE-2021-23874.json new file mode 100644 index 00000000000..c18b86e5bda --- /dev/null +++ b/2021/23xxx/CVE-2021-23874.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23874", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23875.json b/2021/23xxx/CVE-2021-23875.json new file mode 100644 index 00000000000..9670e4615f0 --- /dev/null +++ b/2021/23xxx/CVE-2021-23875.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23875", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23876.json b/2021/23xxx/CVE-2021-23876.json new file mode 100644 index 00000000000..4ed7bd954cf --- /dev/null +++ b/2021/23xxx/CVE-2021-23876.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23876", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23877.json b/2021/23xxx/CVE-2021-23877.json new file mode 100644 index 00000000000..f8d1f1ede9e --- /dev/null +++ b/2021/23xxx/CVE-2021-23877.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23877", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23878.json b/2021/23xxx/CVE-2021-23878.json new file mode 100644 index 00000000000..19eb97cd8a7 --- /dev/null +++ b/2021/23xxx/CVE-2021-23878.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23878", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23879.json b/2021/23xxx/CVE-2021-23879.json new file mode 100644 index 00000000000..5780fbe0198 --- /dev/null +++ b/2021/23xxx/CVE-2021-23879.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23879", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23880.json b/2021/23xxx/CVE-2021-23880.json new file mode 100644 index 00000000000..db534d0927c --- /dev/null +++ b/2021/23xxx/CVE-2021-23880.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23880", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23881.json b/2021/23xxx/CVE-2021-23881.json new file mode 100644 index 00000000000..5800c5f9acf --- /dev/null +++ b/2021/23xxx/CVE-2021-23881.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23881", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23882.json b/2021/23xxx/CVE-2021-23882.json new file mode 100644 index 00000000000..6fabdac2694 --- /dev/null +++ b/2021/23xxx/CVE-2021-23882.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23882", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23883.json b/2021/23xxx/CVE-2021-23883.json new file mode 100644 index 00000000000..f70dadead0a --- /dev/null +++ b/2021/23xxx/CVE-2021-23883.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23883", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23884.json b/2021/23xxx/CVE-2021-23884.json new file mode 100644 index 00000000000..af2fa0caedd --- /dev/null +++ b/2021/23xxx/CVE-2021-23884.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23884", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23885.json b/2021/23xxx/CVE-2021-23885.json new file mode 100644 index 00000000000..edba7b82eaa --- /dev/null +++ b/2021/23xxx/CVE-2021-23885.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23885", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23886.json b/2021/23xxx/CVE-2021-23886.json new file mode 100644 index 00000000000..f496119480a --- /dev/null +++ b/2021/23xxx/CVE-2021-23886.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23886", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23887.json b/2021/23xxx/CVE-2021-23887.json new file mode 100644 index 00000000000..995e08f86fe --- /dev/null +++ b/2021/23xxx/CVE-2021-23887.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23887", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23888.json b/2021/23xxx/CVE-2021-23888.json new file mode 100644 index 00000000000..e64998effa0 --- /dev/null +++ b/2021/23xxx/CVE-2021-23888.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23888", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23889.json b/2021/23xxx/CVE-2021-23889.json new file mode 100644 index 00000000000..87d414f18c3 --- /dev/null +++ b/2021/23xxx/CVE-2021-23889.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23889", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23890.json b/2021/23xxx/CVE-2021-23890.json new file mode 100644 index 00000000000..0567b50938c --- /dev/null +++ b/2021/23xxx/CVE-2021-23890.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23890", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23891.json b/2021/23xxx/CVE-2021-23891.json new file mode 100644 index 00000000000..ea26ad619bd --- /dev/null +++ b/2021/23xxx/CVE-2021-23891.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23891", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23892.json b/2021/23xxx/CVE-2021-23892.json new file mode 100644 index 00000000000..ad68547751e --- /dev/null +++ b/2021/23xxx/CVE-2021-23892.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23892", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23893.json b/2021/23xxx/CVE-2021-23893.json new file mode 100644 index 00000000000..bd2da05b3c0 --- /dev/null +++ b/2021/23xxx/CVE-2021-23893.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23893", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23894.json b/2021/23xxx/CVE-2021-23894.json new file mode 100644 index 00000000000..409ff527be1 --- /dev/null +++ b/2021/23xxx/CVE-2021-23894.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23894", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23895.json b/2021/23xxx/CVE-2021-23895.json new file mode 100644 index 00000000000..03f3d8e7632 --- /dev/null +++ b/2021/23xxx/CVE-2021-23895.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23895", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23896.json b/2021/23xxx/CVE-2021-23896.json new file mode 100644 index 00000000000..50cc474ded0 --- /dev/null +++ b/2021/23xxx/CVE-2021-23896.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23896", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23897.json b/2021/23xxx/CVE-2021-23897.json new file mode 100644 index 00000000000..0a5819657f5 --- /dev/null +++ b/2021/23xxx/CVE-2021-23897.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23897", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23898.json b/2021/23xxx/CVE-2021-23898.json new file mode 100644 index 00000000000..e3f59f92cc7 --- /dev/null +++ b/2021/23xxx/CVE-2021-23898.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23898", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23899.json b/2021/23xxx/CVE-2021-23899.json new file mode 100644 index 00000000000..d04cfeedcff --- /dev/null +++ b/2021/23xxx/CVE-2021-23899.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23899", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23900.json b/2021/23xxx/CVE-2021-23900.json new file mode 100644 index 00000000000..efc2df0ffc7 --- /dev/null +++ b/2021/23xxx/CVE-2021-23900.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23900", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23901.json b/2021/23xxx/CVE-2021-23901.json new file mode 100644 index 00000000000..9b309cf0256 --- /dev/null +++ b/2021/23xxx/CVE-2021-23901.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-23901", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3125.json b/2021/3xxx/CVE-2021-3125.json new file mode 100644 index 00000000000..57f9ae7dddf --- /dev/null +++ b/2021/3xxx/CVE-2021-3125.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3125", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3126.json b/2021/3xxx/CVE-2021-3126.json new file mode 100644 index 00000000000..1c4ccc02aef --- /dev/null +++ b/2021/3xxx/CVE-2021-3126.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3126", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3127.json b/2021/3xxx/CVE-2021-3127.json new file mode 100644 index 00000000000..cd36d8fd39a --- /dev/null +++ b/2021/3xxx/CVE-2021-3127.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3127", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3128.json b/2021/3xxx/CVE-2021-3128.json new file mode 100644 index 00000000000..ce5e95f3d68 --- /dev/null +++ b/2021/3xxx/CVE-2021-3128.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3128", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file