admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-05-07 05:00:43 +00:00
parent d75962fa22
commit a89be25a90
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
27 changed files with 395 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/25xxx/CVE-2019-25031.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2019/25xxx/CVE-2019-25032.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2019/25xxx/CVE-2019-25033.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2019/25xxx/CVE-2019-25034.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2019/25xxx/CVE-2019-25035.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2019/25xxx/CVE-2019-25036.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2019/25xxx/CVE-2019-25037.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2019/25xxx/CVE-2019-25038.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2019/25xxx/CVE-2019-25039.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2019/25xxx/CVE-2019-25040.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2019/25xxx/CVE-2019-25041.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2019/25xxx/CVE-2019-25042.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210506 [SECURITY] [DLA 2652-1] unbound1.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0007/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0007/"
}
]
}

5
2020/36xxx/CVE-2020-36309.json
View File

@ -66,6 +66,11 @@
"url": "https://news.ycombinator.com/item?id=26712562",
"refsource": "MISC",
"name": "https://news.ycombinator.com/item?id=26712562"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0005/"
}
]
}

5
2021/20xxx/CVE-2021-20255.json
View File

@ -63,6 +63,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210410 [SECURITY] [DLA 2623-1] qemu security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0003/"
}
]
},

5
2021/20xxx/CVE-2021-20263.json
View File

@ -53,6 +53,11 @@
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2021/03/08/1",
"url": "https://www.openwall.com/lists/oss-security/2021/03/08/1"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0002/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0002/"
}
]
},

5
2021/21xxx/CVE-2021-21295.json
View File

@ -388,6 +388,11 @@
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/rcfc154eb2de23d2dc08a56100341161e1a40a8ea86c693735437e8f2@%3Ccommits.servicecomb.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b@%3Ccommits.servicecomb.apache.org%3E",
"url": "https://lists.apache.org/thread.html/ra96c74c37ed7252f78392e1ad16442bd16ae72a4d6c8db50dd55c88b@%3Ccommits.servicecomb.apache.org%3E"
}
]
},

5
2021/28xxx/CVE-2021-28657.json
View File

@ -74,6 +74,11 @@
"refsource": "MLIST",
"name": "[james-notifications] 20210501 [GitHub] [james-project] chibenwa opened a new pull request #414: [UPGRADE] Adopt Apache Tika 1.26",
"url": "https://lists.apache.org/thread.html/r4cbc3f6981cd0a1a482531df9d44e4c42a7f63342a7ba78b7bff8a1b@%3Cnotifications.james.apache.org%3E"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0004/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0004/"
}
]
},

5
2021/28xxx/CVE-2021-28660.json
View File

@ -66,6 +66,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210330 [SECURITY] [DLA 2610-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0008/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0008/"
}
]
}

71
2021/32xxx/CVE-2021-32074.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-32074",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-32074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HashiCorp vault-action (aka Vault GitHub Action) before 2.2.0 allows attackers to obtain sensitive information from log files because a multi-line secret was not correctly registered with GitHub Actions for log masking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/hashicorp/vault-action/blob/master/CHANGELOG.md",
"refsource": "MISC",
"name": "https://github.com/hashicorp/vault-action/blob/master/CHANGELOG.md"
},
{
"url": "https://github.com/hashicorp/vault-action/pull/208",
"refsource": "MISC",
"name": "https://github.com/hashicorp/vault-action/pull/208"
},
{
"url": "https://github.com/hashicorp/vault-action/issues/205",
"refsource": "MISC",
"name": "https://github.com/hashicorp/vault-action/issues/205"
},
{
"refsource": "MISC",
"name": "https://discuss.hashicorp.com/t/hcsec-2021-13-vault-github-action-did-not-correctly-mask-multi-line-secrets-in-output/24128",
"url": "https://discuss.hashicorp.com/t/hcsec-2021-13-vault-github-action-did-not-correctly-mask-multi-line-secrets-in-output/24128"
}
]
}

61
2021/32xxx/CVE-2021-32090.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-32090",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-32090",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitrary shell commands via the functionName parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.sonarsource.com/hack-the-stack-with-localstack",
"refsource": "MISC",
"name": "https://blog.sonarsource.com/hack-the-stack-with-localstack"
},
{
"url": "https://portswigger.net/daily-swig/localstack-zero-day-vulnerabilities-chained-to-achieve-remote-takeover-of-local-instances",
"refsource": "MISC",
"name": "https://portswigger.net/daily-swig/localstack-zero-day-vulnerabilities-chained-to-achieve-remote-takeover-of-local-instances"
}
]
}

61
2021/32xxx/CVE-2021-32091.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-32091",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-32091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-site scripting (XSS) vulnerability exists in StackLift LocalStack 0.12.6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.sonarsource.com/hack-the-stack-with-localstack",
"refsource": "MISC",
"name": "https://blog.sonarsource.com/hack-the-stack-with-localstack"
},
{
"url": "https://portswigger.net/daily-swig/localstack-zero-day-vulnerabilities-chained-to-achieve-remote-takeover-of-local-instances",
"refsource": "MISC",
"name": "https://portswigger.net/daily-swig/localstack-zero-day-vulnerabilities-chained-to-achieve-remote-takeover-of-local-instances"
}
]
}

61
2021/32xxx/CVE-2021-32092.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-32092",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-32092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross-site scripting (XSS) vulnerability in the DocumentAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the uuid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portswigger.net/daily-swig/nsa-workflow-application-emissary-vulnerable-to-malicious-takeover",
"refsource": "MISC",
"name": "https://portswigger.net/daily-swig/nsa-workflow-application-emissary-vulnerable-to-malicious-takeover"
},
{
"url": "https://blog.sonarsource.com/code-vulnerabilities-in-nsa-application-revealed",
"refsource": "MISC",
"name": "https://blog.sonarsource.com/code-vulnerabilities-in-nsa-application-revealed"
}
]
}

61
2021/32xxx/CVE-2021-32093.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-32093",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-32093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The ConfigFileAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to read arbitrary files via the ConfigName parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portswigger.net/daily-swig/nsa-workflow-application-emissary-vulnerable-to-malicious-takeover",
"refsource": "MISC",
"name": "https://portswigger.net/daily-swig/nsa-workflow-application-emissary-vulnerable-to-malicious-takeover"
},
{
"url": "https://blog.sonarsource.com/code-vulnerabilities-in-nsa-application-revealed",
"refsource": "MISC",
"name": "https://blog.sonarsource.com/code-vulnerabilities-in-nsa-application-revealed"
}
]
}

5
2021/3xxx/CVE-2021-3392.json
View File

@ -58,6 +58,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210410 [SECURITY] [DLA 2623-1] qemu security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0001/"
}
]
},

5
2021/3xxx/CVE-2021-3393.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1924005",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1924005"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0006/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0006/"
}
]
},

5
2021/3xxx/CVE-2021-3409.json
View File

@ -58,6 +58,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210410 [SECURITY] [DLA 2623-1] qemu security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0001/"
}
]
},

5
2021/3xxx/CVE-2021-3416.json
View File

@ -58,6 +58,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210410 [SECURITY] [DLA 2623-1] qemu security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210507-0002/",
"url": "https://security.netapp.com/advisory/ntap-20210507-0002/"
}
]
},