admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated version data

Browse Source
This commit is contained in:
Kyle Jackson 2022-04-14 14:24:01 +10:00
parent 67aeb0b325
commit c6aae4fd4b
10 changed files with 279 additions and 279 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
2021/26xxx/CVE-2021-26556.json
View File

@ -19,20 +19,20 @@
"version": {
"version_data": [
{
"version_value": ">=",
"version_affected": "0.9"
"version_value": "0.9",
"version_affected": ">="
},
{
"version_value": "<",
"version_affected": "2020.4.229"
"version_value": "2020.4.229",
"version_affected": "<"
},
{
"version_value": ">=",
"version_affected": "2020.5.0"
"version_value": "2020.5.0",
"version_affected": ">="
},
{
"version_value": "<",
"version_affected": "2020.5.256"
"version_value": "2020.5.256",
"version_affected": "<"
}
]
}

8
2021/26xxx/CVE-2021-26557.json
View File

@ -19,12 +19,12 @@
"version": {
"version_data": [
{
"version_value": ">=",
"version_affected": "3.15.4"
"version_value": "3.15.4",
"version_affected": ">="
},
{
"version_value": "<",
"version_affected": "6.0.489"
"version_value": "6.0.489",
"version_affected": "<"
}
]
}

16
2021/31xxx/CVE-2021-31816.json
View File

@ -19,20 +19,20 @@
"version": {
"version_data": [
{
"version_value": ">=",
"version_affected": "0.9"
"version_value": "0.9",
"version_affected": ">="
},
{
"version_value": "<",
"version_affected": "2020.6.5146"
"version_value": "2020.6.5146",
"version_affected": "<"
},
{
"version_value": ">=",
"version_affected": "2021.1.7149"
"version_value": "2021.1.7149",
"version_affected": ">="
},
{
"version_value": "<",
"version_affected": "2021.1.7316"
"version_value": "2021.1.7316",
"version_affected": "<"
}
]
}

16
2021/31xxx/CVE-2021-31817.json
View File

@ -19,20 +19,20 @@
"version": {
"version_data": [
{
"version_value": ">=",
"version_affected": "2020.6.4671"
"version_value": "2020.6.4671",
"version_affected": ">="
},
{
"version_value": "<",
"version_affected": "2020.6.5146"
"version_value": "2020.6.5146",
"version_affected": "<"
},
{
"version_value": ">=",
"version_affected": "2021.1.7149"
"version_value": "2021.1.7149",
"version_affected": ">="
},
{
"version_value": "<",
"version_affected": "2021.1.7316"
"version_value": "2021.1.7316",
"version_affected": "<"
}
]
}

16
2021/31xxx/CVE-2021-31818.json
View File

@ -19,20 +19,20 @@
"version": {
"version_data": [
{
"version_value": ">=",
"version_affected": "2018.9.17"
"version_value": "2018.9.17",
"version_affected": ">="
},
{
"version_value": "<",
"version_affected": "2020.6.5146"
"version_value": "2020.6.5146",
"version_affected": "<"
},
{
"version_value": ">=",
"version_affected": "2021.1.7149"
"version_value": "2021.1.7149",
"version_affected": ">="
},
{
"version_value": "<",
"version_affected": "2021.1.7316"
"version_value": "2021.1.7316",
"version_affected": "<"
}
]
}

114
2021/31xxx/CVE-2021-31819.json
View File

@ -1,63 +1,63 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@octopus.com",
"ID": "CVE-2021-31819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "Halibut",
"version": {
"version_data": [
{
"version_value": "<",
"version_affected": "4.4.7"
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@octopus.com",
"ID": "CVE-2021-31819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "Halibut",
"version": {
"version_data": [
{
"version_value": "4.4.7",
"version_affected": "<"
}
]
}
]
}
}
]
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution via Deserialisation in the Halibut Protocol"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://advisories.octopus.com/adv/2021-08---Remote-Code-Execution-via-Deserialisation-in-the-Halibut-Protocol-(CVE-2021-31819).2250309681.html",
"refsource": "MISC",
"name": "https://advisories.octopus.com/adv/2021-08---Remote-Code-Execution-via-Deserialisation-in-the-Halibut-Protocol-(CVE-2021-31819).2250309681.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification."
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution via Deserialisation in the Halibut Protocol"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://advisories.octopus.com/adv/2021-08---Remote-Code-Execution-via-Deserialisation-in-the-Halibut-Protocol-(CVE-2021-31819).2250309681.html",
"refsource": "MISC",
"name": "https://advisories.octopus.com/adv/2021-08---Remote-Code-Execution-via-Deserialisation-in-the-Halibut-Protocol-(CVE-2021-31819).2250309681.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification."
}
]
}
}

16
2021/31xxx/CVE-2021-31820.json
View File

@ -19,20 +19,20 @@
"version": {
"version_data": [
{
"version_value": ">=",
"version_affected": "2018.8.2"
"version_value": "2018.8.2",
"version_affected": ">="
},
{
"version_value": "<",
"version_affected": "2020.6.5310"
"version_value": "2020.6.5310",
"version_affected": "<"
},
{
"version_value": ">=",
"version_affected": "2021.1.7149"
"version_value": "2021.1.7149",
"version_affected": ">="
},
{
"version_value": "<",
"version_affected": "2021.1.7622"
"version_value": "2021.1.7622",
"version_affected": "<"
}
]
}

112
2021/31xxx/CVE-2021-31821.json
View File

@ -1,63 +1,63 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-31821",
"ASSIGNER": "security@octopus.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "Octopus Tentacle",
"version": {
"version_data": [
{
"version_value": "<",
"version_affected": "6.1.1266"
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-31821",
"ASSIGNER": "security@octopus.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "Octopus Tentacle",
"version": {
"version_data": [
{
"version_value": "6.1.1266",
"version_affected": "<"
}
]
}
]
}
}
]
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext Storage of Sensitive Information in Octopus Tentacle Windows Docker image"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://advisories.octopus.com/post/2022/sa2022-01/",
"refsource": "MISC",
"name": "https://advisories.octopus.com/post/2022/sa2022-01/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "When the Windows Tentacle docker image starts up it logs all the commands that it runs along with the arguments, which writes the Octopus Server API key in plaintext. This does not affect the Linux Docker image"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext Storage of Sensitive Information in Octopus Tentacle Windows Docker image"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://advisories.octopus.com/post/2022/sa2022-01/",
"refsource": "MISC",
"name": "https://advisories.octopus.com/post/2022/sa2022-01/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "When the Windows Tentacle docker image starts up it logs all the commands that it runs along with the arguments, which writes the Octopus Server API key in plaintext. This does not affect the Linux Docker image"
}
]
}
}

122
2021/31xxx/CVE-2021-31822.json
View File

@ -1,67 +1,67 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-31822",
"ASSIGNER": "security@octopus.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "Octopus Tentacle",
"version": {
"version_data": [
{
"version_value": ">=",
"version_affected": "3.15.4"
},
{
"version_value": "<",
"version_affected": "6.1.1116"
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-31822",
"ASSIGNER": "security@octopus.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "Octopus Tentacle",
"version": {
"version_data": [
{
"version_value": "3.15.4",
"version_affected": ">="
},
{
"version_value": "6.1.1116",
"version_affected": "<"
}
]
}
]
}
}
]
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local privilege escalation in Octopus Tentacle"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://advisories.octopus.com/adv/2021-11---Local-privilege-escalation-in-Octopus-Tentacle-(CVE-2021-31822).2283732993.html",
"refsource": "MISC",
"name": "https://advisories.octopus.com/adv/2021-11---Local-privilege-escalation-in-Octopus-Tentacle-(CVE-2021-31822).2283732993.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "When Octopus Tentacle is installed on a Linux operating system, the systemd service file permissions are misconfigured. This could lead to a local unprivileged user modifying the contents of the systemd service file to gain privileged access."
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local privilege escalation in Octopus Tentacle"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://advisories.octopus.com/adv/2021-11---Local-privilege-escalation-in-Octopus-Tentacle-(CVE-2021-31822).2283732993.html",
"refsource": "MISC",
"name": "https://advisories.octopus.com/adv/2021-11---Local-privilege-escalation-in-Octopus-Tentacle-(CVE-2021-31822).2283732993.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "When Octopus Tentacle is installed on a Linux operating system, the systemd service file permissions are misconfigured. This could lead to a local unprivileged user modifying the contents of the systemd service file to gain privileged access."
}
]
}
}

122
2022/23xxx/CVE-2022-23184.json
View File

@ -1,67 +1,67 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-23184",
"ASSIGNER": "security@octopus.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "Octopus Server",
"version": {
"version_data": [
{
"version_value": "<",
"version_affected": "2021.2.8011"
},
{
"version_value": "<",
"version_affected": "2021.3.11057"
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-23184",
"ASSIGNER": "security@octopus.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Octopus Deploy",
"product": {
"product_data": [
{
"product_name": "Octopus Server",
"version": {
"version_data": [
{
"version_value": "2021.2.8011",
"version_affected": "<"
},
{
"version_value": "2021.3.11057",
"version_affected": "<"
}
]
}
]
}
}
]
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Open Redirect Vulnerability in Octopus Server"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://advisories.octopus.com/post/2022/sa2022-02/",
"refsource": "MISC",
"name": "https://advisories.octopus.com/post/2022/sa2022-02/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to localhost, Octopus Server will allow open redirects."
}
]
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Open Redirect Vulnerability in Octopus Server"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://advisories.octopus.com/post/2022/sa2022-02/",
"refsource": "MISC",
"name": "https://advisories.octopus.com/post/2022/sa2022-02/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to localhost, Octopus Server will allow open redirects."
}
]
}
}