diff --git a/2020/35xxx/CVE-2020-35774.json b/2020/35xxx/CVE-2020-35774.json index 0ca1ecc3393..959d3da64fc 100644 --- a/2020/35xxx/CVE-2020-35774.json +++ b/2020/35xxx/CVE-2020-35774.json @@ -61,6 +61,11 @@ "url": "https://github.com/twitter/twitter-server/compare/twitter-server-20.10.0...twitter-server-20.12.0", "refsource": "MISC", "name": "https://github.com/twitter/twitter-server/compare/twitter-server-20.10.0...twitter-server-20.12.0" + }, + { + "refsource": "MISC", + "name": "https://advisory.checkmarx.net/advisory/CX-2020-4287", + "url": "https://advisory.checkmarx.net/advisory/CX-2020-4287" } ] } diff --git a/2021/21xxx/CVE-2021-21412.json b/2021/21xxx/CVE-2021-21412.json index 9b57f531651..bcd05fafc29 100644 --- a/2021/21xxx/CVE-2021-21412.json +++ b/2021/21xxx/CVE-2021-21412.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Potential for arbitrary code execution in npm package @thi.ng/egf `#gpg`-tagged property values (only if `decrypt: true` option is enabled). \nPR with patch has been submitted and will has been released as of v0.4.0\nBy default the EGF parse functions do NOT attempt to decrypt values (since GPG only available in non-browser env).\nHowever, if GPG encrypted values are used/required:\n1. Perform a regex search for `#gpg`-tagged values in the EGF source file/string and check for backtick (\\`) chars in the encrypted value string\n2. Replace/remove them or skip parsing if present." + "value": "Potential for arbitrary code execution in npm package @thi.ng/egf `#gpg`-tagged property values (only if `decrypt: true` option is enabled). PR with patch has been submitted and will has been released as of v0.4.0 By default the EGF parse functions do NOT attempt to decrypt values (since GPG only available in non-browser env). However, if GPG encrypted values are used/required: 1. Perform a regex search for `#gpg`-tagged values in the EGF source file/string and check for backtick (\\`) chars in the encrypted value string 2. Replace/remove them or skip parsing if present." } ] }, diff --git a/2021/26xxx/CVE-2021-26579.json b/2021/26xxx/CVE-2021-26579.json index 72679c4b783..51299c4a105 100644 --- a/2021/26xxx/CVE-2021-26579.json +++ b/2021/26xxx/CVE-2021-26579.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-26579", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Unified Data Management (UDM)", + "version": { + "version_data": [ + { + "version_value": "Versions 1.2009.0 and 1.2101.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local disclosure of privileged information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu04112en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu04112en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of privileged information (CWE-321: Use of Hard-coded Cryptographic Key in a product). HPE has provided updates to versions 1.2009.0 and 1.2101.0 of HPE Unified Data Management (UDM). Version 1.2103.0 of HPE Unified Data Management (UDM) removes all hard-coded cryptographic keys." } ] } diff --git a/2021/29xxx/CVE-2021-29426.json b/2021/29xxx/CVE-2021-29426.json new file mode 100644 index 00000000000..976faf745c1 --- /dev/null +++ b/2021/29xxx/CVE-2021-29426.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29426", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29427.json b/2021/29xxx/CVE-2021-29427.json new file mode 100644 index 00000000000..d4c5f92ba18 --- /dev/null +++ b/2021/29xxx/CVE-2021-29427.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29427", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29428.json b/2021/29xxx/CVE-2021-29428.json new file mode 100644 index 00000000000..82f3ada6155 --- /dev/null +++ b/2021/29xxx/CVE-2021-29428.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29428", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29429.json b/2021/29xxx/CVE-2021-29429.json new file mode 100644 index 00000000000..72b330a47a9 --- /dev/null +++ b/2021/29xxx/CVE-2021-29429.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29429", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29430.json b/2021/29xxx/CVE-2021-29430.json new file mode 100644 index 00000000000..581335e3773 --- /dev/null +++ b/2021/29xxx/CVE-2021-29430.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29430", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29431.json b/2021/29xxx/CVE-2021-29431.json new file mode 100644 index 00000000000..c966323ad69 --- /dev/null +++ b/2021/29xxx/CVE-2021-29431.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29431", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29432.json b/2021/29xxx/CVE-2021-29432.json new file mode 100644 index 00000000000..6020ba656b1 --- /dev/null +++ b/2021/29xxx/CVE-2021-29432.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29432", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29433.json b/2021/29xxx/CVE-2021-29433.json new file mode 100644 index 00000000000..391d834fe6b --- /dev/null +++ b/2021/29xxx/CVE-2021-29433.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29433", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29434.json b/2021/29xxx/CVE-2021-29434.json new file mode 100644 index 00000000000..655bd1a0af9 --- /dev/null +++ b/2021/29xxx/CVE-2021-29434.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29434", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29435.json b/2021/29xxx/CVE-2021-29435.json new file mode 100644 index 00000000000..e6da3ca5340 --- /dev/null +++ b/2021/29xxx/CVE-2021-29435.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29435", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29436.json b/2021/29xxx/CVE-2021-29436.json new file mode 100644 index 00000000000..15ed5b8b359 --- /dev/null +++ b/2021/29xxx/CVE-2021-29436.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29436", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29437.json b/2021/29xxx/CVE-2021-29437.json new file mode 100644 index 00000000000..d9b306b5abd --- /dev/null +++ b/2021/29xxx/CVE-2021-29437.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29437", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29438.json b/2021/29xxx/CVE-2021-29438.json new file mode 100644 index 00000000000..7896ddcb423 --- /dev/null +++ b/2021/29xxx/CVE-2021-29438.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29438", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29439.json b/2021/29xxx/CVE-2021-29439.json new file mode 100644 index 00000000000..17477fcb081 --- /dev/null +++ b/2021/29xxx/CVE-2021-29439.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29439", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29440.json b/2021/29xxx/CVE-2021-29440.json new file mode 100644 index 00000000000..593b5b0253b --- /dev/null +++ b/2021/29xxx/CVE-2021-29440.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29440", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29441.json b/2021/29xxx/CVE-2021-29441.json new file mode 100644 index 00000000000..0d1bb29458f --- /dev/null +++ b/2021/29xxx/CVE-2021-29441.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29441", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29442.json b/2021/29xxx/CVE-2021-29442.json new file mode 100644 index 00000000000..f6e33426809 --- /dev/null +++ b/2021/29xxx/CVE-2021-29442.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29442", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29443.json b/2021/29xxx/CVE-2021-29443.json new file mode 100644 index 00000000000..e3973fc6138 --- /dev/null +++ b/2021/29xxx/CVE-2021-29443.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29443", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29444.json b/2021/29xxx/CVE-2021-29444.json new file mode 100644 index 00000000000..7fe6ed0c47f --- /dev/null +++ b/2021/29xxx/CVE-2021-29444.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29444", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29445.json b/2021/29xxx/CVE-2021-29445.json new file mode 100644 index 00000000000..3d6d0d77a6d --- /dev/null +++ b/2021/29xxx/CVE-2021-29445.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29445", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29446.json b/2021/29xxx/CVE-2021-29446.json new file mode 100644 index 00000000000..b241f99c556 --- /dev/null +++ b/2021/29xxx/CVE-2021-29446.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29446", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29447.json b/2021/29xxx/CVE-2021-29447.json new file mode 100644 index 00000000000..ce7de9801b7 --- /dev/null +++ b/2021/29xxx/CVE-2021-29447.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29447", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29629.json b/2021/29xxx/CVE-2021-29629.json new file mode 100644 index 00000000000..15350337b01 --- /dev/null +++ b/2021/29xxx/CVE-2021-29629.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29629", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29630.json b/2021/29xxx/CVE-2021-29630.json new file mode 100644 index 00000000000..e7398d61f69 --- /dev/null +++ b/2021/29xxx/CVE-2021-29630.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29630", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29631.json b/2021/29xxx/CVE-2021-29631.json new file mode 100644 index 00000000000..6f417b2800a --- /dev/null +++ b/2021/29xxx/CVE-2021-29631.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29631", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29632.json b/2021/29xxx/CVE-2021-29632.json new file mode 100644 index 00000000000..a36ed5e58a4 --- /dev/null +++ b/2021/29xxx/CVE-2021-29632.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29632", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29633.json b/2021/29xxx/CVE-2021-29633.json new file mode 100644 index 00000000000..e31b749cce5 --- /dev/null +++ b/2021/29xxx/CVE-2021-29633.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29633", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29634.json b/2021/29xxx/CVE-2021-29634.json new file mode 100644 index 00000000000..99eb3567090 --- /dev/null +++ b/2021/29xxx/CVE-2021-29634.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29634", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29635.json b/2021/29xxx/CVE-2021-29635.json new file mode 100644 index 00000000000..0e2e200d909 --- /dev/null +++ b/2021/29xxx/CVE-2021-29635.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29635", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29636.json b/2021/29xxx/CVE-2021-29636.json new file mode 100644 index 00000000000..0d59678f744 --- /dev/null +++ b/2021/29xxx/CVE-2021-29636.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29636", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29637.json b/2021/29xxx/CVE-2021-29637.json new file mode 100644 index 00000000000..61a4dbb6c3d --- /dev/null +++ b/2021/29xxx/CVE-2021-29637.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29637", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29638.json b/2021/29xxx/CVE-2021-29638.json new file mode 100644 index 00000000000..29eb4475890 --- /dev/null +++ b/2021/29xxx/CVE-2021-29638.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29638", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29639.json b/2021/29xxx/CVE-2021-29639.json new file mode 100644 index 00000000000..03c1c781f51 --- /dev/null +++ b/2021/29xxx/CVE-2021-29639.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29639", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29640.json b/2021/29xxx/CVE-2021-29640.json new file mode 100644 index 00000000000..9f45fa5a71c --- /dev/null +++ b/2021/29xxx/CVE-2021-29640.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29640", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29641.json b/2021/29xxx/CVE-2021-29641.json new file mode 100644 index 00000000000..cad2eead6f9 --- /dev/null +++ b/2021/29xxx/CVE-2021-29641.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-29641", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3474.json b/2021/3xxx/CVE-2021-3474.json index 245363c2f3e..4bf30aa3337 100644 --- a/2021/3xxx/CVE-2021-3474.json +++ b/2021/3xxx/CVE-2021-3474.json @@ -4,14 +4,63 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3474", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OpenEXR", + "version": { + "version_data": [ + { + "version_value": "OpenEXR 3.0.0-beta" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-190" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1939142", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939142" + }, + { + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24831", + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24831" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability." } ] } diff --git a/2021/3xxx/CVE-2021-3475.json b/2021/3xxx/CVE-2021-3475.json index 676e852ccfa..46c618d792f 100644 --- a/2021/3xxx/CVE-2021-3475.json +++ b/2021/3xxx/CVE-2021-3475.json @@ -4,14 +4,63 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3475", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OpenEXR", + "version": { + "version_data": [ + { + "version_value": "OpenEXR 3.0.0-beta" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-190" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1939144", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939144" + }, + { + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297", + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability." } ] } diff --git a/2021/3xxx/CVE-2021-3476.json b/2021/3xxx/CVE-2021-3476.json index fbe722edc6e..0b883304a9c 100644 --- a/2021/3xxx/CVE-2021-3476.json +++ b/2021/3xxx/CVE-2021-3476.json @@ -4,14 +4,63 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-3476", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OpenEXR", + "version": { + "version_data": [ + { + "version_value": "OpenEXR 3.0.0-beta" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-190" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1939145", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939145" + }, + { + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24787", + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24787" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability." } ] }