"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2022-01-05 22:01:01 +00:00 · 2022-01-05 22:01:01 +00:00 · c289fb98e4
commit c289fb98e4
parent 13768400f5
11 changed files with 61 additions and 11 deletions
--- a/2021/32xxx/CVE-2021-32467.json
+++ b/2021/32xxx/CVE-2021-32467.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol."
+                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read)."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                "refsource": "MISC",
                "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
+                "url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
            }
        ]
    },
--- a/2021/32xxx/CVE-2021-32468.json
+++ b/2021/32xxx/CVE-2021-32468.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol."
+                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read)."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                "refsource": "MISC",
                "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
+                "url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
            }
        ]
    },
--- a/2021/32xxx/CVE-2021-32469.json
+++ b/2021/32xxx/CVE-2021-32469.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol."
+                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read)."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                "refsource": "MISC",
                "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
+                "url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
            }
        ]
    },
--- a/2021/35xxx/CVE-2021-35055.json
+++ b/2021/35xxx/CVE-2021-35055.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol."
+                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write)."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                "refsource": "MISC",
                "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
+                "url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
            }
        ]
    },
--- a/2021/37xxx/CVE-2021-37560.json
+++ b/2021/37xxx/CVE-2021-37560.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol."
+                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write)."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                "refsource": "MISC",
                "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
+                "url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
            }
        ]
    },
--- a/2021/37xxx/CVE-2021-37561.json
+++ b/2021/37xxx/CVE-2021-37561.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol."
+                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write)."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                "refsource": "MISC",
                "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
+                "url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
            }
        ]
    },
--- a/2021/37xxx/CVE-2021-37562.json
+++ b/2021/37xxx/CVE-2021-37562.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol."
+                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read)."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                "refsource": "MISC",
                "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
+                "url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
            }
        ]
    },
--- a/2021/37xxx/CVE-2021-37563.json
+++ b/2021/37xxx/CVE-2021-37563.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol."
+                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write)."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                "refsource": "MISC",
                "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
+                "url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
            }
        ]
    },
--- a/2021/37xxx/CVE-2021-37584.json
+++ b/2021/37xxx/CVE-2021-37584.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol."
+                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write)."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300",
                "refsource": "MISC",
                "name": "https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
+                "url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
            }
        ]
    },
--- a/2021/41xxx/CVE-2021-41788.json
+++ b/2021/41xxx/CVE-2021-41788.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding."
+                "value": "MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0)."
            }
        ]
    },
@ -56,6 +56,11 @@
                "url": "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301",
                "refsource": "MISC",
                "name": "https://kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://corp.mediatek.com/product-security-bulletin/January-2022",
+                "url": "https://corp.mediatek.com/product-security-bulletin/January-2022"
            }
        ]
    },
--- a/2022/21xxx/CVE-2022-21653.json
+++ b/2022/21xxx/CVE-2022-21653.json
@ -35,7 +35,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don't override `objectContext()` are vulnerable to a hash collision attack which may result in a denial of service.  Most applications do not implement these traits directly, but inherit from a library. `jawn-parser-1.3.1` fixes this issue and users are advised to upgrade. For users unable to upgrade override `objectContext()` to use a collision-safe collection."
+                "value": "Jawn is an open source JSON parser. Extenders of the `org.typelevel.jawn.SimpleFacade` and `org.typelevel.jawn.MutableFacade` who don't override `objectContext()` are vulnerable to a hash collision attack which may result in a denial of service. Most applications do not implement these traits directly, but inherit from a library. `jawn-parser-1.3.1` fixes this issue and users are advised to upgrade. For users unable to upgrade override `objectContext()` to use a collision-safe collection."
            }
        ]
    },