diff --git a/2019/19xxx/CVE-2019-19326.json b/2019/19xxx/CVE-2019-19326.json index 0715322afe0..d18e1218ce1 100644 --- a/2019/19xxx/CVE-2019-19326.json +++ b/2019/19xxx/CVE-2019-19326.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "SilverStripe through 4.4.4 allows Web Cache Poisoning through HTTPRequestBuilder." + "value": "Silverstripe CMS sites through 4.4.4 which have opted into HTTP Cache Headers on responses served by the framework's HTTP layer can be vulnerable to web cache poisoning. Through modifying the X-Original-Url and X-HTTP-Method-Override headers, responses with malicious HTTP headers can return unexpected responses to other consumers of this cached response. Most other headers associated with web cache poisoning are already disabled through request hostname forgery whitelists." } ] }, @@ -53,24 +53,9 @@ "references": { "reference_data": [ { - "url": "https://www.silverstripe.org/download/security-releases/", - "refsource": "MISC", - "name": "https://www.silverstripe.org/download/security-releases/" - }, - { - "url": "https://www.silverstripe.org/blog/tag/release", - "refsource": "MISC", - "name": "https://www.silverstripe.org/blog/tag/release" - }, - { - "url": "https://forum.silverstripe.org/c/releases", - "refsource": "MISC", - "name": "https://forum.silverstripe.org/c/releases" - }, - { - "url": "https://twitter.com/memn0ps", - "refsource": "MISC", - "name": "https://twitter.com/memn0ps" + "refsource": "CONFIRM", + "name": "https://www.silverstripe.org/download/security-releases/CVE-2019-19326", + "url": "https://www.silverstripe.org/download/security-releases/CVE-2019-19326" } ] } diff --git a/2019/20xxx/CVE-2019-20908.json b/2019/20xxx/CVE-2019-20908.json new file mode 100644 index 00000000000..4ac3c13406b --- /dev/null +++ b/2019/20xxx/CVE-2019-20908.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-20908", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language.sh", + "refsource": "MISC", + "name": "https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language.sh" + }, + { + "url": "https://mailarchives.bentasker.co.uk/Mirrors/OSSSec/2020/06-Jun/msg00035.html", + "refsource": "MISC", + "name": "https://mailarchives.bentasker.co.uk/Mirrors/OSSSec/2020/06-Jun/msg00035.html" + }, + { + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1957a85b0032a81e6482ca4aab883643b8dae06e", + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1957a85b0032a81e6482ca4aab883643b8dae06e" + }, + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4" + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15107.json b/2020/15xxx/CVE-2020-15107.json index 617e59e8143..0ef4f944df5 100644 --- a/2020/15xxx/CVE-2020-15107.json +++ b/2020/15xxx/CVE-2020-15107.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binary Interface (ABI) for such operations, a host app can compromise the execution integrity of some x87 FPU operations in an enclave. Depending on the FPU control configuration of the enclave app and whether the operations are used in secret-dependent execution paths, this vulnerability may also be used to mount a side-channel attack on the enclave.\n\nThis has been fixed in 0.10.0 and the current master branch. Users will need to recompile their applications against the patched libraries to be protected from this vulnerability." + "value": "In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binary Interface (ABI) for such operations, a host app can compromise the execution integrity of some x87 FPU operations in an enclave. Depending on the FPU control configuration of the enclave app and whether the operations are used in secret-dependent execution paths, this vulnerability may also be used to mount a side-channel attack on the enclave. This has been fixed in 0.10.0 and the current master branch. Users will need to recompile their applications against the patched libraries to be protected from this vulnerability." } ] }, diff --git a/2020/15xxx/CVE-2020-15780.json b/2020/15xxx/CVE-2020-15780.json new file mode 100644 index 00000000000..eefc12b6488 --- /dev/null +++ b/2020/15xxx/CVE-2020-15780.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-15780", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh", + "refsource": "MISC", + "name": "https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh" + }, + { + "url": "https://www.openwall.com/lists/oss-security/2020/06/15/3", + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2020/06/15/3" + }, + { + "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75b0cea7bf307f362057cc778efe89af4c615354", + "refsource": "MISC", + "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75b0cea7bf307f362057cc778efe89af4c615354" + }, + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.7", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.7" + } + ] + } +} \ No newline at end of file