From abdce280d4d5f27332a0153182e57b0f33d1e730 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 25 Aug 2021 16:00:50 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/18xxx/CVE-2020-18971.json | 56 ++++++++++++++++++++++++++++++---- 2020/18xxx/CVE-2020-18972.json | 56 ++++++++++++++++++++++++++++++---- 2020/18xxx/CVE-2020-18974.json | 56 ++++++++++++++++++++++++++++++---- 2020/18xxx/CVE-2020-18976.json | 56 ++++++++++++++++++++++++++++++---- 2021/29xxx/CVE-2021-29425.json | 5 +++ 2021/34xxx/CVE-2021-34429.json | 5 +++ 6 files changed, 210 insertions(+), 24 deletions(-) diff --git a/2020/18xxx/CVE-2020-18971.json b/2020/18xxx/CVE-2020-18971.json index 97578a19c02..1e9ce46cc61 100644 --- a/2020/18xxx/CVE-2020-18971.json +++ b/2020/18xxx/CVE-2020-18971.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-18971", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-18971", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/p/podofo/tickets/48/", + "refsource": "MISC", + "name": "https://sourceforge.net/p/podofo/tickets/48/" } ] } diff --git a/2020/18xxx/CVE-2020-18972.json b/2020/18xxx/CVE-2020-18972.json index 5301b2b53f4..42f2acd3b12 100644 --- a/2020/18xxx/CVE-2020-18972.json +++ b/2020/18xxx/CVE-2020-18972.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-18972", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-18972", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/p/podofo/tickets/49/", + "refsource": "MISC", + "name": "https://sourceforge.net/p/podofo/tickets/49/" } ] } diff --git a/2020/18xxx/CVE-2020-18974.json b/2020/18xxx/CVE-2020-18974.json index b03d916987a..77d1ee136f3 100644 --- a/2020/18xxx/CVE-2020-18974.json +++ b/2020/18xxx/CVE-2020-18974.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-18974", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-18974", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392568", + "refsource": "MISC", + "name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392568" } ] } diff --git a/2020/18xxx/CVE-2020-18976.json b/2020/18xxx/CVE-2020-18976.json index e5250b8874c..12ee1c1b987 100644 --- a/2020/18xxx/CVE-2020-18976.json +++ b/2020/18xxx/CVE-2020-18976.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-18976", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-18976", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. It can be triggered by sending a crafted pcap file to the 'tcpreplay-edit' binary. This issue is different than CVE-2019-8381." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/appneta/tcpreplay/issues/556", + "refsource": "MISC", + "name": "https://github.com/appneta/tcpreplay/issues/556" } ] } diff --git a/2021/29xxx/CVE-2021-29425.json b/2021/29xxx/CVE-2021-29425.json index 10fe337f71e..fb5b3e9f01c 100644 --- a/2021/29xxx/CVE-2021-29425.json +++ b/2021/29xxx/CVE-2021-29425.json @@ -262,6 +262,11 @@ "refsource": "MLIST", "name": "[zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg commented on a change in pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)", "url": "https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374@%3Cnotifications.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-notifications] 20210825 [GitHub] [zookeeper] eolivelli commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)", + "url": "https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae@%3Cnotifications.zookeeper.apache.org%3E" } ] }, diff --git a/2021/34xxx/CVE-2021-34429.json b/2021/34xxx/CVE-2021-34429.json index f94661b4f39..fe71821ed2e 100644 --- a/2021/34xxx/CVE-2021-34429.json +++ b/2021/34xxx/CVE-2021-34429.json @@ -212,6 +212,11 @@ "refsource": "MLIST", "name": "[zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg commented on pull request #1734: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429)", "url": "https://lists.apache.org/thread.html/r5678d994d4dd8e7c838eed3bbc1a83a7f6bc62724b0cce67e8892a45@%3Cnotifications.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-notifications] 20210825 [GitHub] [zookeeper] eolivelli commented on pull request #1734: ZOOKEEPER-4337: Bump jetty to 9.4.43.v20210629 (avoids CVE-2021-34429)", + "url": "https://lists.apache.org/thread.html/r2e32390cb7aedb39069e5b18aa130ca53e766258518faee63c31d3ea@%3Cnotifications.zookeeper.apache.org%3E" } ] }