"-Synchronized-Data."

2020/9xxx/CVE-2020-9388.json

@@ -56,6 +56,11 @@
                 "refsource": "CONFIRM",
                 "name": "https://support.squaredup.com/hc/en-us/articles/360017568238",
                 "url": "https://support.squaredup.com/hc/en-us/articles/360017568238"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://support.squaredup.com/hc/en-us/articles/360019427218-CVE-2020-9388-API-Endpoints-are-not-protected-against-CSRF",
+                "url": "https://support.squaredup.com/hc/en-us/articles/360019427218-CVE-2020-9388-API-Endpoints-are-not-protected-against-CSRF"
             }
         ]
     },

2020/9xxx/CVE-2020-9389.json

@@ -56,6 +56,11 @@
                 "refsource": "CONFIRM",
                 "name": "https://support.squaredup.com/hc/en-us/articles/360017255858",
                 "url": "https://support.squaredup.com/hc/en-us/articles/360017255858"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://support.squaredup.com/hc/en-us/articles/360019427238-CVE-2020-9389-Username-enumeration-possible-via-a-timing-attack",
+                "url": "https://support.squaredup.com/hc/en-us/articles/360019427238-CVE-2020-9389-Username-enumeration-possible-via-a-timing-attack"
             }
         ]
     }

2020/9xxx/CVE-2020-9390.json

@@ -56,6 +56,11 @@
                 "refsource": "CONFIRM",
                 "name": "https://support.squaredup.com/hc/en-us/articles/360017568258",
                 "url": "https://support.squaredup.com/hc/en-us/articles/360017568258"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://support.squaredup.com/hc/en-us/articles/360019427258-CVE-2020-9390-Stored-cross-site-scripting",
+                "url": "https://support.squaredup.com/hc/en-us/articles/360019427258-CVE-2020-9390-Stored-cross-site-scripting"
             }
         ]
     }

2021/22xxx/CVE-2021-22117.json

@@ -4,14 +4,58 @@
     "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2021-22117",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "security@vmware.com",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "RabbitMQ",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "RabbitMQ Windows installers prior to version 3.8.16"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-94: Improper Control of Generation of Code"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "name": "https://tanzu.vmware.com/security/cve-2021-22117",
+                "url": "https://tanzu.vmware.com/security/cve-2021-22117"
+            }
+        ]
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins."
             }
         ]
     }

2021/29xxx/CVE-2021-29425.json

@@ -137,6 +137,26 @@
                 "refsource": "MLIST",
                 "name": "[myfaces-dev] 20210504 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #808: build: CVE fix",
                 "url": "https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[creadur-dev] 20210518 [jira] [Created] (WHISKER-19) Update commons-io to fix CVE-2021-29425",
+                "url": "https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8@%3Cdev.creadur.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[creadur-dev] 20210518 [jira] [Commented] (WHISKER-19) Update commons-io to fix CVE-2021-29425",
+                "url": "https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c@%3Cdev.creadur.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[creadur-dev] 20210518 [jira] [Assigned] (WHISKER-19) Update commons-io to fix CVE-2021-29425",
+                "url": "https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5@%3Cdev.creadur.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[creadur-dev] 20210518 [jira] [Updated] (WHISKER-19) Update commons-io to fix CVE-2021-29425",
+                "url": "https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E"
             }
         ]
     },