admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-06-27 15:00:44 +00:00
parent 7c295a312a
commit c0752119d2
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
9 changed files with 705 additions and 131 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

121
2017/4xxx/CVE-2017-4947.json
View File

@ -1,51 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"DATE_PUBLIC": "2018-01-26T00:00:00",
"ID": "CVE-2017-4947", "ID": "CVE-2017-4947",
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vRealize Automation",
"version": {
"version_data": [
{
"version_value": "7.3 and 7.2"
}
]
}
},
{
"product_name": "vSphere Integrated Containers",
"version": {
"version_data": [
{
"version_value": "1.x before 1.3"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "VMware Realize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3) contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance." "value": "VMware vRealize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3) contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance.\n\n"
} }
] ]
}, },
@ -61,28 +27,69 @@
} }
] ]
}, },
"references": { "affects": {
"reference_data": [ "vendor": {
"vendor_data": [
{ {
"name": "102852", "vendor_name": "VMware",
"refsource": "BID", "product": {
"url": "http://www.securityfocus.com/bid/102852" "product_data": [
},
{ {
"name": "https://www.vmware.com/security/advisories/VMSA-2018-0006.html", "product_name": "vRealize Automation",
"refsource": "CONFIRM", "version": {
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0006.html" "version_data": [
},
{ {
"name": "1040289", "version_affected": "=",
"refsource": "SECTRACK", "version_value": "7.3 and 7.2"
"url": "http://www.securitytracker.com/id/1040289"
},
{
"name": "1040290",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040290"
} }
] ]
} }
},
{
"product_name": "vSphere Integrated Containers",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.x before 1.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/102852",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/102852"
},
{
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0006.html",
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2018-0006.html"
},
{
"url": "http://www.securitytracker.com/id/1040289",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1040289"
},
{
"url": "http://www.securitytracker.com/id/1040290",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1040290"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
}
} }

117
2021/37xxx/CVE-2021-37404.json
View File

@ -1,51 +1,12 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-37404",
"STATE": "PUBLIC",
"TITLE": "Heap buffer overflow in libhdfs native library"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Hadoop",
"version": {
"version_data": [
{
"version_value": "2.9.0 to 2.10.1"
},
{
"version_value": "3.0.0 to 3.1.4"
},
{
"version_value": " 3.2.0 to 3.2.2"
},
{
"version_value": "3.3.0 to 3.3.1"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was discovered by Igor Chervatyuk."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0", "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-37404",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -54,41 +15,79 @@
} }
] ]
}, },
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "important"
}
],
"problemtype": { "problemtype": {
"problemtype_data": [ "problemtype_data": [
{ {
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "CWE-131 Incorrect Calculation of Buffer Size" "value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-787"
} }
] ]
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache Hadoop",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.9.0 to 2.10.1"
},
{
"version_affected": "=",
"version_value": "3.0.0 to 3.1.4"
},
{
"version_affected": "=",
"version_value": " 3.2.0 to 3.2.2"
},
{
"version_affected": "=",
"version_value": "3.3.0 to 3.3.1"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"refsource": "MISC",
"url": "https://lists.apache.org/thread/2h56ztcj3ojc66qzf1nno88vjw9vd4wo", "url": "https://lists.apache.org/thread/2h56ztcj3ojc66qzf1nno88vjw9vd4wo",
"refsource": "MISC",
"name": "https://lists.apache.org/thread/2h56ztcj3ojc66qzf1nno88vjw9vd4wo" "name": "https://lists.apache.org/thread/2h56ztcj3ojc66qzf1nno88vjw9vd4wo"
}, },
{ {
"refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220715-0007/",
"name": "https://security.netapp.com/advisory/ntap-20220715-0007/", "refsource": "MISC",
"url": "https://security.netapp.com/advisory/ntap-20220715-0007/" "name": "https://security.netapp.com/advisory/ntap-20220715-0007/"
} }
] ]
}, },
"generator": {
"engine": "Vulnogram 0.0.9"
},
"source": { "source": {
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Igor Chervatyuk."
} }
]
} }

79
2023/2xxx/CVE-2023-2818.json
View File

@ -1,17 +1,88 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-2818", "ID": "CVE-2023-2818",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@proofpoint.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-281 Improper Preservation of Permissions",
"cweId": "CWE-281"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Proofpoint",
"product": {
"product_data": [
{
"product_name": "Insider Threat Management",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "7.14.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005",
"refsource": "MISC",
"name": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
} }
] ]
} }

79
2023/35xxx/CVE-2023-35998.json
View File

@ -1,17 +1,88 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-35998", "ID": "CVE-2023-35998",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@proofpoint.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A missing authorization check in multiple SOAP endpoints of the Insider Threat Management Server enables an attacker on an adjacent network to read and write unauthorized objects. Successful exploitation requires an attacker to first obtain a valid agent authentication token. All versions before 7.14.3 are affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Proofpoint",
"product": {
"product_data": [
{
"product_name": "Insider Threat Management",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "7.14.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005",
"refsource": "MISC",
"name": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
} }
] ]
} }

79
2023/36xxx/CVE-2023-36000.json
View File

@ -1,17 +1,88 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-36000", "ID": "CVE-2023-36000",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@proofpoint.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A missing authorization check in the MacOS agent configuration endpoint of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to obtain sensitive information. Successful exploitation requires an attacker to first obtain a valid agent authentication token. All versions before 7.14.3 are affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Proofpoint",
"product": {
"product_data": [
{
"product_name": "Insider Threat Management",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "7.14.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005",
"refsource": "MISC",
"name": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
} }
] ]
} }

79
2023/36xxx/CVE-2023-36002.json
View File

@ -1,17 +1,88 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-36002", "ID": "CVE-2023-36002",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@proofpoint.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Proofpoint",
"product": {
"product_data": [
{
"product_name": "Insider Threat Management",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "7.14.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005",
"refsource": "MISC",
"name": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
} }
] ]
} }

108
2023/3xxx/CVE-2023-3405.json
View File

@ -1,17 +1,117 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-3405", "ID": "CVE-2023-3405",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "security@m-files.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 (excluding 23.2 SR2 and newer) allows anonymous user to cause denial of service"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-248 Uncaught Exception",
"cweId": "CWE-248"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "M-Files",
"product": {
"product_data": [
{
"product_name": "M-Files Server",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "23.6.12695.3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "23.2.12340.11"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.m-files.com/about/trust-center/security-advisories/cve-2023-3405",
"refsource": "MISC",
"name": "https://www.m-files.com/about/trust-center/security-advisories/cve-2023-3405"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"defect": [
"167238"
],
"discovery": "INTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to patched version"
}
],
"value": "Update to patched version"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
} }
] ]
} }

92
2023/3xxx/CVE-2023-3431.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-3431",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Access Control in GitHub repository plantuml/plantuml prior to 1.2023.9."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "plantuml",
"product": {
"product_data": [
{
"product_name": "plantuml/plantuml",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "1.2023.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/fa741f95-b53c-4ed7-b157-e32c5145164c",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/fa741f95-b53c-4ed7-b157-e32c5145164c"
},
{
"url": "https://github.com/plantuml/plantuml/commit/fbe7fa3b25b4c887d83927cffb1009ec6cb8ab1e",
"refsource": "MISC",
"name": "https://github.com/plantuml/plantuml/commit/fbe7fa3b25b4c887d83927cffb1009ec6cb8ab1e"
}
]
},
"source": {
"advisory": "fa741f95-b53c-4ed7-b157-e32c5145164c",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}
}

92
2023/3xxx/CVE-2023-3432.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-3432",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery (SSRF)",
"cweId": "CWE-918"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "plantuml",
"product": {
"product_data": [
{
"product_name": "plantuml/plantuml",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "1.2023.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/8ac3316f-431c-468d-87e4-3dafff2ecf51",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/8ac3316f-431c-468d-87e4-3dafff2ecf51"
},
{
"url": "https://github.com/plantuml/plantuml/commit/b32500bb61ae617bb312496d6d832e4be8190797",
"refsource": "MISC",
"name": "https://github.com/plantuml/plantuml/commit/b32500bb61ae617bb312496d6d832e4be8190797"
}
]
},
"source": {
"advisory": "8ac3316f-431c-468d-87e4-3dafff2ecf51",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 7.2,
"baseSeverity": "HIGH"
}
]
}
}