diff --git a/2021/32xxx/CVE-2021-32467.json b/2021/32xxx/CVE-2021-32467.json index 3e302758508..200d0c25bdd 100644 --- a/2021/32xxx/CVE-2021-32467.json +++ b/2021/32xxx/CVE-2021-32467.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol." + "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read)." } ] }, @@ -56,6 +56,11 @@ "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", "refsource": "MISC", "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300" + }, + { + "refsource": "CONFIRM", + "name": "https://corp.mediatek.com/product-security-bulletin/January-2022", + "url": "https://corp.mediatek.com/product-security-bulletin/January-2022" } ] }, diff --git a/2021/32xxx/CVE-2021-32468.json b/2021/32xxx/CVE-2021-32468.json index e53570069d4..cd32644079a 100644 --- a/2021/32xxx/CVE-2021-32468.json +++ b/2021/32xxx/CVE-2021-32468.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol." + "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read)." } ] }, @@ -56,6 +56,11 @@ "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", "refsource": "MISC", "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300" + }, + { + "refsource": "CONFIRM", + "name": "https://corp.mediatek.com/product-security-bulletin/January-2022", + "url": "https://corp.mediatek.com/product-security-bulletin/January-2022" } ] }, diff --git a/2021/32xxx/CVE-2021-32469.json b/2021/32xxx/CVE-2021-32469.json index 83df0d255e1..ec254d4984b 100644 --- a/2021/32xxx/CVE-2021-32469.json +++ b/2021/32xxx/CVE-2021-32469.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol." + "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read)." } ] }, @@ -56,6 +56,11 @@ "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", "refsource": "MISC", "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300" + }, + { + "refsource": "CONFIRM", + "name": "https://corp.mediatek.com/product-security-bulletin/January-2022", + "url": "https://corp.mediatek.com/product-security-bulletin/January-2022" } ] }, diff --git a/2021/35xxx/CVE-2021-35055.json b/2021/35xxx/CVE-2021-35055.json index 682d7849032..104e2cb2d2c 100644 --- a/2021/35xxx/CVE-2021-35055.json +++ b/2021/35xxx/CVE-2021-35055.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol." + "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write)." } ] }, @@ -56,6 +56,11 @@ "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", "refsource": "MISC", "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300" + }, + { + "refsource": "CONFIRM", + "name": "https://corp.mediatek.com/product-security-bulletin/January-2022", + "url": "https://corp.mediatek.com/product-security-bulletin/January-2022" } ] }, diff --git a/2021/37xxx/CVE-2021-37560.json b/2021/37xxx/CVE-2021-37560.json index 0cc281e7734..fef4f51db54 100644 --- a/2021/37xxx/CVE-2021-37560.json +++ b/2021/37xxx/CVE-2021-37560.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol." + "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write)." } ] }, @@ -56,6 +56,11 @@ "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", "refsource": "MISC", "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300" + }, + { + "refsource": "CONFIRM", + "name": "https://corp.mediatek.com/product-security-bulletin/January-2022", + "url": "https://corp.mediatek.com/product-security-bulletin/January-2022" } ] }, diff --git a/2021/37xxx/CVE-2021-37561.json b/2021/37xxx/CVE-2021-37561.json index 52004335250..cf1a0ec3f28 100644 --- a/2021/37xxx/CVE-2021-37561.json +++ b/2021/37xxx/CVE-2021-37561.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol." + "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write)." } ] }, @@ -56,6 +56,11 @@ "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", "refsource": "MISC", "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300" + }, + { + "refsource": "CONFIRM", + "name": "https://corp.mediatek.com/product-security-bulletin/January-2022", + "url": "https://corp.mediatek.com/product-security-bulletin/January-2022" } ] }, diff --git a/2021/37xxx/CVE-2021-37562.json b/2021/37xxx/CVE-2021-37562.json index 79ca3ccf1fc..641c3673554 100644 --- a/2021/37xxx/CVE-2021-37562.json +++ b/2021/37xxx/CVE-2021-37562.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol." + "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read)." } ] }, @@ -56,6 +56,11 @@ "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", "refsource": "MISC", "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300" + }, + { + "refsource": "CONFIRM", + "name": "https://corp.mediatek.com/product-security-bulletin/January-2022", + "url": "https://corp.mediatek.com/product-security-bulletin/January-2022" } ] }, diff --git a/2021/37xxx/CVE-2021-37563.json b/2021/37xxx/CVE-2021-37563.json index a93d7308e5d..c863546e3c1 100644 --- a/2021/37xxx/CVE-2021-37563.json +++ b/2021/37xxx/CVE-2021-37563.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol." + "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write)." } ] }, @@ -56,6 +56,11 @@ "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", "refsource": "MISC", "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300" + }, + { + "refsource": "CONFIRM", + "name": "https://corp.mediatek.com/product-security-bulletin/January-2022", + "url": "https://corp.mediatek.com/product-security-bulletin/January-2022" } ] }, diff --git a/2021/37xxx/CVE-2021-37584.json b/2021/37xxx/CVE-2021-37584.json index d2c6cfa7dc7..826342e7af7 100644 --- a/2021/37xxx/CVE-2021-37584.json +++ b/2021/37xxx/CVE-2021-37584.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol." + "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write)." } ] }, @@ -56,6 +56,11 @@ "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300", "refsource": "MISC", "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300" + }, + { + "refsource": "CONFIRM", + "name": "https://corp.mediatek.com/product-security-bulletin/January-2022", + "url": "https://corp.mediatek.com/product-security-bulletin/January-2022" } ] }, diff --git a/2021/41xxx/CVE-2021-41788.json b/2021/41xxx/CVE-2021-41788.json index 0e65523883a..bf6cf589e7a 100644 --- a/2021/41xxx/CVE-2021-41788.json +++ b/2021/41xxx/CVE-2021-41788.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding." + "value": "MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0)." } ] }, @@ -56,6 +56,11 @@ "url": "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301", "refsource": "MISC", "name": "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301" + }, + { + "refsource": "CONFIRM", + "name": "https://corp.mediatek.com/product-security-bulletin/January-2022", + "url": "https://corp.mediatek.com/product-security-bulletin/January-2022" } ] }, diff --git a/2022/21xxx/CVE-2022-21653.json b/2022/21xxx/CVE-2022-21653.json index 1eb6badef2a..b1ad9716602 100644 --- a/2022/21xxx/CVE-2022-21653.json +++ b/2022/21xxx/CVE-2022-21653.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don't override `objectContext()` are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, but inherit from a library. `jawn-parser-1.3.1` fixes this issue and users are advised to upgrade. For users unable to upgrade override `objectContext()` to use a collision-safe collection." + "value": "Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don't override `objectContext()` are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, but inherit from a library. `jawn-parser-1.3.1` fixes this issue and users are advised to upgrade. For users unable to upgrade override `objectContext()` to use a collision-safe collection." } ] },