From c791c48acd4ec8c16b331cc745e98f3118d21568 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 11 Jul 2022 01:00:49 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/27xxx/CVE-2022-27168.json | 19 +++++++--- 2022/29xxx/CVE-2022-29512.json | 11 ++++-- 2022/30xxx/CVE-2022-30602.json | 11 ++++-- 2022/30xxx/CVE-2022-30943.json | 11 ++++-- 2022/31xxx/CVE-2022-31472.json | 11 ++++-- 2022/31xxx/CVE-2022-31501.json | 61 +++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31502.json | 61 +++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31503.json | 66 ++++++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31504.json | 61 +++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31505.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31506.json | 61 +++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31507.json | 66 ++++++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31508.json | 61 +++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31509.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31510.json | 61 +++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31511.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31512.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31513.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31514.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31515.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31516.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31517.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31518.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31519.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31520.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31521.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31522.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31523.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31524.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31525.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31526.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31527.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31528.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31529.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31530.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31531.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31532.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31533.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31534.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31535.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31536.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31537.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31538.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31539.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31540.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31541.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31542.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31543.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31544.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31545.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31546.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31547.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31548.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31549.json | 61 +++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31550.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31551.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31552.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31553.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31554.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31555.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31556.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31557.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31558.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31559.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31560.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31561.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31562.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31563.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31564.json | 61 +++++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31565.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31566.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31567.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31568.json | 56 +++++++++++++++++++++++++---- 2022/31xxx/CVE-2022-31569.json | 56 +++++++++++++++++++++++++---- 74 files changed, 3556 insertions(+), 431 deletions(-) diff --git a/2022/27xxx/CVE-2022-27168.json b/2022/27xxx/CVE-2022-27168.json index 0531b45d7cf..4b6f6c922b6 100644 --- a/2022/27xxx/CVE-2022-27168.json +++ b/2022/27xxx/CVE-2022-27168.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-27168", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,16 +45,24 @@ "references": { "reference_data": [ { - "url": "https://www.litecart.net/en/" + "url": "https://www.litecart.net/en/", + "refsource": "MISC", + "name": "https://www.litecart.net/en/" }, { - "url": "https://github.com/litecart/litecart" + "url": "https://github.com/litecart/litecart", + "refsource": "MISC", + "name": "https://github.com/litecart/litecart" }, { - "url": "https://github.com/litecart/litecart/commit/050fea86cc162f3da2f7824f586602125a0f6d63" + "url": "https://github.com/litecart/litecart/commit/050fea86cc162f3da2f7824f586602125a0f6d63", + "refsource": "MISC", + "name": "https://github.com/litecart/litecart/commit/050fea86cc162f3da2f7824f586602125a0f6d63" }, { - "url": "https://jvn.jp/en/jp/JVN32625020/index.html" + "url": "https://jvn.jp/en/jp/JVN32625020/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN32625020/index.html" } ] }, diff --git a/2022/29xxx/CVE-2022-29512.json b/2022/29xxx/CVE-2022-29512.json index 2b1e4cfee75..3f1e9db269d 100644 --- a/2022/29xxx/CVE-2022-29512.json +++ b/2022/29xxx/CVE-2022-29512.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-29512", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://cs.cybozu.co.jp/2022/007682.html" + "url": "https://cs.cybozu.co.jp/2022/007682.html", + "refsource": "MISC", + "name": "https://cs.cybozu.co.jp/2022/007682.html" }, { - "url": "https://jvn.jp/en/jp/JVN14077132/index.html" + "url": "https://jvn.jp/en/jp/JVN14077132/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN14077132/index.html" } ] }, diff --git a/2022/30xxx/CVE-2022-30602.json b/2022/30xxx/CVE-2022-30602.json index e4859c873c3..6021a3dd63c 100644 --- a/2022/30xxx/CVE-2022-30602.json +++ b/2022/30xxx/CVE-2022-30602.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-30602", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://cs.cybozu.co.jp/2022/007682.html" + "url": "https://cs.cybozu.co.jp/2022/007682.html", + "refsource": "MISC", + "name": "https://cs.cybozu.co.jp/2022/007682.html" }, { - "url": "https://jvn.jp/en/jp/JVN14077132/index.html" + "url": "https://jvn.jp/en/jp/JVN14077132/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN14077132/index.html" } ] }, diff --git a/2022/30xxx/CVE-2022-30943.json b/2022/30xxx/CVE-2022-30943.json index fed9de878fb..2bdab38d6bf 100644 --- a/2022/30xxx/CVE-2022-30943.json +++ b/2022/30xxx/CVE-2022-30943.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-30943", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://cs.cybozu.co.jp/2022/007682.html" + "url": "https://cs.cybozu.co.jp/2022/007682.html", + "refsource": "MISC", + "name": "https://cs.cybozu.co.jp/2022/007682.html" }, { - "url": "https://jvn.jp/en/jp/JVN14077132/index.html" + "url": "https://jvn.jp/en/jp/JVN14077132/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN14077132/index.html" } ] }, diff --git a/2022/31xxx/CVE-2022-31472.json b/2022/31xxx/CVE-2022-31472.json index 3465ee197d1..458979f2b12 100644 --- a/2022/31xxx/CVE-2022-31472.json +++ b/2022/31xxx/CVE-2022-31472.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-31472", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -44,10 +45,14 @@ "references": { "reference_data": [ { - "url": "https://cs.cybozu.co.jp/2022/007429.html" + "url": "https://cs.cybozu.co.jp/2022/007429.html", + "refsource": "MISC", + "name": "https://cs.cybozu.co.jp/2022/007429.html" }, { - "url": "https://jvn.jp/en/jp/JVN73897863/index.html" + "url": "https://jvn.jp/en/jp/JVN73897863/index.html", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN73897863/index.html" } ] }, diff --git a/2022/31xxx/CVE-2022-31501.json b/2022/31xxx/CVE-2022-31501.json index 91840ca8231..a9ab8439ed1 100644 --- a/2022/31xxx/CVE-2022-31501.json +++ b/2022/31xxx/CVE-2022-31501.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31501", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31501", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The ChaoticOnyx/OnyxForum repository before 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" + }, + { + "url": "https://github.com/ChaoticOnyx/OnyxForum/commit/f25543dfc62a9694d7e4f67eebfa45e3de916053", + "refsource": "MISC", + "name": "https://github.com/ChaoticOnyx/OnyxForum/commit/f25543dfc62a9694d7e4f67eebfa45e3de916053" } ] } diff --git a/2022/31xxx/CVE-2022-31502.json b/2022/31xxx/CVE-2022-31502.json index f62b4a782b5..d4eaa006777 100644 --- a/2022/31xxx/CVE-2022-31502.json +++ b/2022/31xxx/CVE-2022-31502.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31502", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31502", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The operatorequals/wormnest repository through 0.4.7 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" + }, + { + "url": "https://github.com/operatorequals/wormnest/commit/2dfe96fc2570586ac487b399ac20d41b3c114861", + "refsource": "MISC", + "name": "https://github.com/operatorequals/wormnest/commit/2dfe96fc2570586ac487b399ac20d41b3c114861" } ] } diff --git a/2022/31xxx/CVE-2022-31503.json b/2022/31xxx/CVE-2022-31503.json index 8c1ca460edb..150b42d4842 100644 --- a/2022/31xxx/CVE-2022-31503.json +++ b/2022/31xxx/CVE-2022-31503.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31503", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31503", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The orchest/orchest repository before 2022.05.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" + }, + { + "url": "https://github.com/orchest/orchest/pull/913", + "refsource": "MISC", + "name": "https://github.com/orchest/orchest/pull/913" + }, + { + "url": "https://github.com/orchest/orchest/releases/tag/v2022.05.0", + "refsource": "MISC", + "name": "https://github.com/orchest/orchest/releases/tag/v2022.05.0" } ] } diff --git a/2022/31xxx/CVE-2022-31504.json b/2022/31xxx/CVE-2022-31504.json index 5f49eb2ec81..5f79f4b2240 100644 --- a/2022/31xxx/CVE-2022-31504.json +++ b/2022/31xxx/CVE-2022-31504.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31504", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31504", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository before 2021-11-29 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" + }, + { + "url": "https://github.com/ChangeWeDer/BaiduWenkuSpider_flaskWeb/pull/3", + "refsource": "MISC", + "name": "https://github.com/ChangeWeDer/BaiduWenkuSpider_flaskWeb/pull/3" } ] } diff --git a/2022/31xxx/CVE-2022-31505.json b/2022/31xxx/CVE-2022-31505.json index 0a9f427d39b..d85db213393 100644 --- a/2022/31xxx/CVE-2022-31505.json +++ b/2022/31xxx/CVE-2022-31505.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31505", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31505", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31506.json b/2022/31xxx/CVE-2022-31506.json index 2f03c47663d..3ce5f18d1e9 100644 --- a/2022/31xxx/CVE-2022-31506.json +++ b/2022/31xxx/CVE-2022-31506.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31506", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31506", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" + }, + { + "url": "https://github.com/cmusatyalab/opendiamond/commit/398049c187ee644beabab44d6fece82251c1ea56", + "refsource": "MISC", + "name": "https://github.com/cmusatyalab/opendiamond/commit/398049c187ee644beabab44d6fece82251c1ea56" } ] } diff --git a/2022/31xxx/CVE-2022-31507.json b/2022/31xxx/CVE-2022-31507.json index e42d4f8dd1c..55d23a84eb8 100644 --- a/2022/31xxx/CVE-2022-31507.json +++ b/2022/31xxx/CVE-2022-31507.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31507", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31507", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" + }, + { + "url": "https://github.com/ganga-devs/ganga/commit/730e7aba192407d35eb37dd7938d49071124be8c", + "refsource": "MISC", + "name": "https://github.com/ganga-devs/ganga/commit/730e7aba192407d35eb37dd7938d49071124be8c" + }, + { + "url": "https://github.com/ganga-devs/ganga/releases/tag/8.5.10", + "refsource": "MISC", + "name": "https://github.com/ganga-devs/ganga/releases/tag/8.5.10" } ] } diff --git a/2022/31xxx/CVE-2022-31508.json b/2022/31xxx/CVE-2022-31508.json index ebae1b30438..3c3fa0eb39a 100644 --- a/2022/31xxx/CVE-2022-31508.json +++ b/2022/31xxx/CVE-2022-31508.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31508", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31508", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" + }, + { + "url": "https://github.com/idayrus/evoting/commit/241d92a4d68f524365a6322b5bbcfaa7d9abc8a3", + "refsource": "MISC", + "name": "https://github.com/idayrus/evoting/commit/241d92a4d68f524365a6322b5bbcfaa7d9abc8a3" } ] } diff --git a/2022/31xxx/CVE-2022-31509.json b/2022/31xxx/CVE-2022-31509.json index 213fc1ee841..ccd3edf56ba 100644 --- a/2022/31xxx/CVE-2022-31509.json +++ b/2022/31xxx/CVE-2022-31509.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31509", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31509", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The iedadata/usap-dc-website repository through 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31510.json b/2022/31xxx/CVE-2022-31510.json index 6dea5a78a12..5ba17ae0951 100644 --- a/2022/31xxx/CVE-2022-31510.json +++ b/2022/31xxx/CVE-2022-31510.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31510", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31510", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" + }, + { + "url": "https://github.com/sergeKashkin/Simple-RAT/pull/11", + "refsource": "MISC", + "name": "https://github.com/sergeKashkin/Simple-RAT/pull/11" } ] } diff --git a/2022/31xxx/CVE-2022-31511.json b/2022/31xxx/CVE-2022-31511.json index 447eeb62275..cab8c7e3dc6 100644 --- a/2022/31xxx/CVE-2022-31511.json +++ b/2022/31xxx/CVE-2022-31511.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31511", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31511", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31512.json b/2022/31xxx/CVE-2022-31512.json index bd46629dc2b..d40ff75f7bb 100644 --- a/2022/31xxx/CVE-2022-31512.json +++ b/2022/31xxx/CVE-2022-31512.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31512", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31512", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Atom02/flask-mvc repository through 2020-09-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31513.json b/2022/31xxx/CVE-2022-31513.json index 09e75e5f329..8525dca8381 100644 --- a/2022/31xxx/CVE-2022-31513.json +++ b/2022/31xxx/CVE-2022-31513.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31513", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31513", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31514.json b/2022/31xxx/CVE-2022-31514.json index 6ab091764b8..c02c40041c1 100644 --- a/2022/31xxx/CVE-2022-31514.json +++ b/2022/31xxx/CVE-2022-31514.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31514", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31514", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31515.json b/2022/31xxx/CVE-2022-31515.json index 6b0f17c6610..a367202d340 100644 --- a/2022/31xxx/CVE-2022-31515.json +++ b/2022/31xxx/CVE-2022-31515.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31515", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31515", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31516.json b/2022/31xxx/CVE-2022-31516.json index b58b2320fb9..734ab96385a 100644 --- a/2022/31xxx/CVE-2022-31516.json +++ b/2022/31xxx/CVE-2022-31516.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31516", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31516", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31517.json b/2022/31xxx/CVE-2022-31517.json index 03a61baf46f..636caba2187 100644 --- a/2022/31xxx/CVE-2022-31517.json +++ b/2022/31xxx/CVE-2022-31517.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31517", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31517", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31518.json b/2022/31xxx/CVE-2022-31518.json index 07874dce5b7..02d7199a907 100644 --- a/2022/31xxx/CVE-2022-31518.json +++ b/2022/31xxx/CVE-2022-31518.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31518", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31518", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31519.json b/2022/31xxx/CVE-2022-31519.json index 090439e67ec..e521cad4c93 100644 --- a/2022/31xxx/CVE-2022-31519.json +++ b/2022/31xxx/CVE-2022-31519.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31519", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31519", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31520.json b/2022/31xxx/CVE-2022-31520.json index e07552b8d18..87c2c9e8a30 100644 --- a/2022/31xxx/CVE-2022-31520.json +++ b/2022/31xxx/CVE-2022-31520.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31520", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31520", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31521.json b/2022/31xxx/CVE-2022-31521.json index 0b1c3e85983..0291b4963fa 100644 --- a/2022/31xxx/CVE-2022-31521.json +++ b/2022/31xxx/CVE-2022-31521.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31521", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31521", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31522.json b/2022/31xxx/CVE-2022-31522.json index c80b1136724..8a3da937cf8 100644 --- a/2022/31xxx/CVE-2022-31522.json +++ b/2022/31xxx/CVE-2022-31522.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31522", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31522", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31523.json b/2022/31xxx/CVE-2022-31523.json index 5cca5e2b550..9d85b2170e6 100644 --- a/2022/31xxx/CVE-2022-31523.json +++ b/2022/31xxx/CVE-2022-31523.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31523", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31523", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31524.json b/2022/31xxx/CVE-2022-31524.json index c9cd01cf8d3..7626875723f 100644 --- a/2022/31xxx/CVE-2022-31524.json +++ b/2022/31xxx/CVE-2022-31524.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31524", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31524", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31525.json b/2022/31xxx/CVE-2022-31525.json index 489f2265433..f6220f461bb 100644 --- a/2022/31xxx/CVE-2022-31525.json +++ b/2022/31xxx/CVE-2022-31525.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31525", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31525", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The SummaLabs/DLS repository through 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31526.json b/2022/31xxx/CVE-2022-31526.json index a3ceb6d2032..b3c07d3bac3 100644 --- a/2022/31xxx/CVE-2022-31526.json +++ b/2022/31xxx/CVE-2022-31526.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31526", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31526", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31527.json b/2022/31xxx/CVE-2022-31527.json index 9de575844a6..a286c0c05b7 100644 --- a/2022/31xxx/CVE-2022-31527.json +++ b/2022/31xxx/CVE-2022-31527.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31527", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31527", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31528.json b/2022/31xxx/CVE-2022-31528.json index 0e8331ce0a6..1d8a416a5f3 100644 --- a/2022/31xxx/CVE-2022-31528.json +++ b/2022/31xxx/CVE-2022-31528.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31528", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31528", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The bonn-activity-maps/bam_annotation_tool repository through 2021-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31529.json b/2022/31xxx/CVE-2022-31529.json index c552f1f130d..17e351511c7 100644 --- a/2022/31xxx/CVE-2022-31529.json +++ b/2022/31xxx/CVE-2022-31529.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31529", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31529", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The cinemaproject/monorepo repository through 2021-03-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31530.json b/2022/31xxx/CVE-2022-31530.json index 90f90ec6246..1a32ad17855 100644 --- a/2022/31xxx/CVE-2022-31530.json +++ b/2022/31xxx/CVE-2022-31530.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31530", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31530", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31531.json b/2022/31xxx/CVE-2022-31531.json index 5eecd545fb3..2f095eaefe6 100644 --- a/2022/31xxx/CVE-2022-31531.json +++ b/2022/31xxx/CVE-2022-31531.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31531", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31531", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The dainst/cilantro repository through 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31532.json b/2022/31xxx/CVE-2022-31532.json index 405165e2977..d986bb2ba97 100644 --- a/2022/31xxx/CVE-2022-31532.json +++ b/2022/31xxx/CVE-2022-31532.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31532", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31532", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The dankolbman/travel_blahg repository through 2016-01-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31533.json b/2022/31xxx/CVE-2022-31533.json index 4a5a914a624..d750f3a22f7 100644 --- a/2022/31xxx/CVE-2022-31533.json +++ b/2022/31xxx/CVE-2022-31533.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31533", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31533", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The decentraminds/umbral repository through 2020-01-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31534.json b/2022/31xxx/CVE-2022-31534.json index 683d918bdeb..667bc25088e 100644 --- a/2022/31xxx/CVE-2022-31534.json +++ b/2022/31xxx/CVE-2022-31534.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31534", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31534", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The echoleegroup/PythonWeb repository through 2018-10-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31535.json b/2022/31xxx/CVE-2022-31535.json index 0c5fb549eb9..693952c5c3d 100644 --- a/2022/31xxx/CVE-2022-31535.json +++ b/2022/31xxx/CVE-2022-31535.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31535", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31535", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The freefood89/Fishtank repository through 2015-06-24 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31536.json b/2022/31xxx/CVE-2022-31536.json index 8f23d71b2af..d8f6a7f9749 100644 --- a/2022/31xxx/CVE-2022-31536.json +++ b/2022/31xxx/CVE-2022-31536.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31536", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31536", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31537.json b/2022/31xxx/CVE-2022-31537.json index 50c2fd39a6c..26260dbbf36 100644 --- a/2022/31xxx/CVE-2022-31537.json +++ b/2022/31xxx/CVE-2022-31537.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31537", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31537", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The jmcginty15/Solar-system-simulator repository through 2021-07-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31538.json b/2022/31xxx/CVE-2022-31538.json index 920aa15a794..6d52153087c 100644 --- a/2022/31xxx/CVE-2022-31538.json +++ b/2022/31xxx/CVE-2022-31538.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31538", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31538", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The joaopedro-fg/mp-m08-interface repository through 2020-12-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31539.json b/2022/31xxx/CVE-2022-31539.json index 463adc904e3..68eaf710552 100644 --- a/2022/31xxx/CVE-2022-31539.json +++ b/2022/31xxx/CVE-2022-31539.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31539", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31539", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The kotekan/kotekan repository through 2021.11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31540.json b/2022/31xxx/CVE-2022-31540.json index bf2239d925c..c46366f6b60 100644 --- a/2022/31xxx/CVE-2022-31540.json +++ b/2022/31xxx/CVE-2022-31540.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31540", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31540", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31541.json b/2022/31xxx/CVE-2022-31541.json index 86e42ead479..9dc116bacdc 100644 --- a/2022/31xxx/CVE-2022-31541.json +++ b/2022/31xxx/CVE-2022-31541.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31541", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31541", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31542.json b/2022/31xxx/CVE-2022-31542.json index 4b97c67c5f9..038b4ae1b81 100644 --- a/2022/31xxx/CVE-2022-31542.json +++ b/2022/31xxx/CVE-2022-31542.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31542", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31542", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31543.json b/2022/31xxx/CVE-2022-31543.json index d3fce6d319a..b43114c9301 100644 --- a/2022/31xxx/CVE-2022-31543.json +++ b/2022/31xxx/CVE-2022-31543.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31543", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31543", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The maxtortime/SetupBox repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31544.json b/2022/31xxx/CVE-2022-31544.json index 09d2f71afe2..29be84ebb69 100644 --- a/2022/31xxx/CVE-2022-31544.json +++ b/2022/31xxx/CVE-2022-31544.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31544", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31544", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31545.json b/2022/31xxx/CVE-2022-31545.json index 657c1168341..a9be8100481 100644 --- a/2022/31xxx/CVE-2022-31545.json +++ b/2022/31xxx/CVE-2022-31545.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31545", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31545", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The ml-inory/ModelConverter repository through 2021-04-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31546.json b/2022/31xxx/CVE-2022-31546.json index d2886b873bf..04d0d14016b 100644 --- a/2022/31xxx/CVE-2022-31546.json +++ b/2022/31xxx/CVE-2022-31546.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31546", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31546", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31547.json b/2022/31xxx/CVE-2022-31547.json index 7a81ca5965c..7e88dee4d42 100644 --- a/2022/31xxx/CVE-2022-31547.json +++ b/2022/31xxx/CVE-2022-31547.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31547", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31547", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The noamezekiel/sphere repository through 2020-05-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31548.json b/2022/31xxx/CVE-2022-31548.json index e9ec88e4b5f..f9058d300a3 100644 --- a/2022/31xxx/CVE-2022-31548.json +++ b/2022/31xxx/CVE-2022-31548.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31548", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31548", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31549.json b/2022/31xxx/CVE-2022-31549.json index 8fdfeea85b3..524caaa42bb 100644 --- a/2022/31xxx/CVE-2022-31549.json +++ b/2022/31xxx/CVE-2022-31549.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31549", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31549", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The olmax99/helm-flask-celery repository before 2022-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" + }, + { + "url": "https://github.com/olmax99/helm-flask-celery/commit/28c985d712d7ac26893433e8035e2e3678fcae9f", + "refsource": "MISC", + "name": "https://github.com/olmax99/helm-flask-celery/commit/28c985d712d7ac26893433e8035e2e3678fcae9f" } ] } diff --git a/2022/31xxx/CVE-2022-31550.json b/2022/31xxx/CVE-2022-31550.json index 4b4adfbd70e..c46d3d24071 100644 --- a/2022/31xxx/CVE-2022-31550.json +++ b/2022/31xxx/CVE-2022-31550.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31550", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31550", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31551.json b/2022/31xxx/CVE-2022-31551.json index 6ba0b478293..0c035223071 100644 --- a/2022/31xxx/CVE-2022-31551.json +++ b/2022/31xxx/CVE-2022-31551.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31551", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31551", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31552.json b/2022/31xxx/CVE-2022-31552.json index 4a7d6cf808a..409b32ca37b 100644 --- a/2022/31xxx/CVE-2022-31552.json +++ b/2022/31xxx/CVE-2022-31552.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31552", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31552", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31553.json b/2022/31xxx/CVE-2022-31553.json index 14290022ec0..2e73badc0ad 100644 --- a/2022/31xxx/CVE-2022-31553.json +++ b/2022/31xxx/CVE-2022-31553.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31553", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31553", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31554.json b/2022/31xxx/CVE-2022-31554.json index d7ff333c902..8293330bdda 100644 --- a/2022/31xxx/CVE-2022-31554.json +++ b/2022/31xxx/CVE-2022-31554.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31554", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31554", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31555.json b/2022/31xxx/CVE-2022-31555.json index d9303674e52..3bf3dfe04b2 100644 --- a/2022/31xxx/CVE-2022-31555.json +++ b/2022/31xxx/CVE-2022-31555.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31555", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31555", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The romain20100/nursequest repository through 2018-02-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31556.json b/2022/31xxx/CVE-2022-31556.json index 3bf89ea39fd..a7bf2911579 100644 --- a/2022/31xxx/CVE-2022-31556.json +++ b/2022/31xxx/CVE-2022-31556.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31556", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31556", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The rusyasoft/TrainEnergyServer repository through 2017-08-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31557.json b/2022/31xxx/CVE-2022-31557.json index 4a36a1401bb..e32a059a750 100644 --- a/2022/31xxx/CVE-2022-31557.json +++ b/2022/31xxx/CVE-2022-31557.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31557", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31557", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The seveas/golem repository through 2016-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31558.json b/2022/31xxx/CVE-2022-31558.json index 30610a624e2..b45867b8667 100644 --- a/2022/31xxx/CVE-2022-31558.json +++ b/2022/31xxx/CVE-2022-31558.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31558", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31558", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31559.json b/2022/31xxx/CVE-2022-31559.json index 5a7220da245..657208c95a8 100644 --- a/2022/31xxx/CVE-2022-31559.json +++ b/2022/31xxx/CVE-2022-31559.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31559", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31559", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The tsileo/flask-yeoman repository through 2013-09-13 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31560.json b/2022/31xxx/CVE-2022-31560.json index 21200732423..e9fb6242ded 100644 --- a/2022/31xxx/CVE-2022-31560.json +++ b/2022/31xxx/CVE-2022-31560.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31560", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31560", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The uncleYiba/photo_tag repository through 2020-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31561.json b/2022/31xxx/CVE-2022-31561.json index 97436eb9dcb..1bb847da722 100644 --- a/2022/31xxx/CVE-2022-31561.json +++ b/2022/31xxx/CVE-2022-31561.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31561", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31561", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The varijkapil13/Sphere_ImageBackend repository through 2019-10-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31562.json b/2022/31xxx/CVE-2022-31562.json index 23ae9e1cf00..9131d52f7c5 100644 --- a/2022/31xxx/CVE-2022-31562.json +++ b/2022/31xxx/CVE-2022-31562.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31562", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31562", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The waveyan/internshipsystem repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31563.json b/2022/31xxx/CVE-2022-31563.json index 53fc426e2de..ff8321d84ab 100644 --- a/2022/31xxx/CVE-2022-31563.json +++ b/2022/31xxx/CVE-2022-31563.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31563", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31563", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The whmacmac/vprj repository through 2022-04-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31564.json b/2022/31xxx/CVE-2022-31564.json index c73517fc878..f780563af52 100644 --- a/2022/31xxx/CVE-2022-31564.json +++ b/2022/31xxx/CVE-2022-31564.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31564", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31564", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The woduq1414/munhak-moa repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" + }, + { + "url": "https://github.com/woduq1414/munhak-moa/commit/e8f800373b20cb22de70c7a994325b8903877da0", + "refsource": "MISC", + "name": "https://github.com/woduq1414/munhak-moa/commit/e8f800373b20cb22de70c7a994325b8903877da0" } ] } diff --git a/2022/31xxx/CVE-2022-31565.json b/2022/31xxx/CVE-2022-31565.json index 25be27565d0..192d6814402 100644 --- a/2022/31xxx/CVE-2022-31565.json +++ b/2022/31xxx/CVE-2022-31565.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31565", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31565", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31566.json b/2022/31xxx/CVE-2022-31566.json index 75ed7149b8e..f29f1614073 100644 --- a/2022/31xxx/CVE-2022-31566.json +++ b/2022/31xxx/CVE-2022-31566.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31566", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31566", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The DSAB-local/DSAB repository through 2019-02-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31567.json b/2022/31xxx/CVE-2022-31567.json index c1b629a20b7..f0ef0777861 100644 --- a/2022/31xxx/CVE-2022-31567.json +++ b/2022/31xxx/CVE-2022-31567.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31567", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31567", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The DSABenchmark/DSAB repository through 2.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31568.json b/2022/31xxx/CVE-2022-31568.json index 21e5ee1c63a..7174dd9b7da 100644 --- a/2022/31xxx/CVE-2022-31568.json +++ b/2022/31xxx/CVE-2022-31568.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31568", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31568", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] } diff --git a/2022/31xxx/CVE-2022-31569.json b/2022/31xxx/CVE-2022-31569.json index 955f112524a..f5f27039deb 100644 --- a/2022/31xxx/CVE-2022-31569.json +++ b/2022/31xxx/CVE-2022-31569.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-31569", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-31569", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The RipudamanKaushikDal/projects repository through 2022-04-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726", + "refsource": "MISC", + "name": "https://github.com/github/securitylab/issues/669#issuecomment-1117265726" } ] }