From c9ee1affdc80d82f8d64dfb7d7283b3468c53627 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Jul 2021 13:00:54 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2015/7xxx/CVE-2015-7705.json | 100 +++++++++++++++++++++++++++++++ 2015/7xxx/CVE-2015-7853.json | 105 +++++++++++++++++++++++++++++++++ 2016/4xxx/CVE-2016-4953.json | 70 ++++++++++++++++++++++ 2016/7xxx/CVE-2016-7433.json | 65 ++++++++++++++++++++ 2018/8xxx/CVE-2018-8012.json | 5 ++ 2019/12xxx/CVE-2019-12900.json | 5 ++ 2021/1xxx/CVE-2021-1422.json | 4 +- 2021/28xxx/CVE-2021-28114.json | 66 +++++++++++++++++++-- 8 files changed, 412 insertions(+), 8 deletions(-) diff --git a/2015/7xxx/CVE-2015-7705.json b/2015/7xxx/CVE-2015-7705.json index 6ee2aea01d1..f9231ea4ea9 100644 --- a/2015/7xxx/CVE-2015-7705.json +++ b/2015/7xxx/CVE-2015-7705.json @@ -52,11 +52,26 @@ }, "references": { "reference_data": [ + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1912", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" + }, { "name": "VU#718152", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/718152" }, + { + "refsource": "UBUNTU", + "name": "USN-2783-1", + "url": "http://www.ubuntu.com/usn/USN-2783-1" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1247", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" + }, { "name": "77284", "refsource": "BID", @@ -77,11 +92,21 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1311", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" + }, { "name": "https://www.cs.bu.edu/~goldbe/NTPattack.html", "refsource": "MISC", "url": "https://www.cs.bu.edu/~goldbe/NTPattack.html" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:2094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" + }, { "name": "https://eprint.iacr.org/2015/1020.pdf", "refsource": "MISC", @@ -102,6 +127,11 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug2901" }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2016:1423", + "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" + }, { "name": "GLSA-201607-15", "refsource": "GENTOO", @@ -112,6 +142,71 @@ "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html", + "url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2016:1329", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html" + }, + { + "refsource": "CISCO", + "name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1471", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html" + }, + { + "refsource": "CONFIRM", + "name": "https://bto.bluecoat.com/security-advisory/sa103", + "url": "https://bto.bluecoat.com/security-advisory/sa103" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1291", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1568", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2015:2016", + "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1278", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html" + }, + { + "refsource": "BUGTRAQ", + "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", + "url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", + "url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", @@ -126,6 +221,11 @@ "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } diff --git a/2015/7xxx/CVE-2015-7853.json b/2015/7xxx/CVE-2015-7853.json index 4cdb9495b32..7fe9293a7d4 100644 --- a/2015/7xxx/CVE-2015-7853.json +++ b/2015/7xxx/CVE-2015-7853.json @@ -57,21 +57,51 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug2920" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1912", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-2783-1", + "url": "http://www.ubuntu.com/usn/USN-2783-1" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1247", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" + }, { "name": "1033951", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033951" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1311", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" + }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:2094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" + }, { "name": "77273", "refsource": "BID", "url": "http://www.securityfocus.com/bid/77273" }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2016:1423", + "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" + }, { "name": "GLSA-201607-15", "refsource": "GENTOO", @@ -82,10 +112,85 @@ "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html", + "url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html", + "url": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html" + }, + { + "refsource": "CISCO", + "name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp" + }, + { + "refsource": "CONFIRM", + "name": "https://bto.bluecoat.com/security-advisory/sa103", + "url": "https://bto.bluecoat.com/security-advisory/sa103" + }, + { + "refsource": "BUGTRAQ", + "name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]", + "url": "http://www.securityfocus.com/archive/1/536833/100/0/threaded" + }, + { + "refsource": "MISC", + "name": "http://www.talosintel.com/vulnerability-reports/", + "url": "http://www.talosintel.com/vulnerability-reports/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2015:2016", + "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html" + }, + { + "refsource": "BUGTRAQ", + "name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]", + "url": "http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp", + "url": "http://www.securityfocus.com/archive/1/536760/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp", + "url": "http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", + "url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", + "url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } diff --git a/2016/4xxx/CVE-2016-4953.json b/2016/4xxx/CVE-2016-4953.json index b7d2217d346..fd09b7a6b0e 100644 --- a/2016/4xxx/CVE-2016-4953.json +++ b/2016/4xxx/CVE-2016-4953.json @@ -72,6 +72,11 @@ "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1912", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" + }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03757en_us", "refsource": "CONFIRM", @@ -97,6 +102,11 @@ "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:2094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" + }, { "name": "VU#321640", "refsource": "CERT-VN", @@ -127,6 +137,61 @@ "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html", + "url": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html" + }, + { + "refsource": "CISCO", + "name": "20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd" + }, + { + "refsource": "BUGTRAQ", + "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", + "url": "http://www.securityfocus.com/archive/1/540683/100/0/threaded" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html", + "url": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1568", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", + "url": "http://www.securityfocus.com/archive/1/538599/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", + "url": "http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", + "url": "http://www.securityfocus.com/archive/1/538600/100/0/threaded" + }, + { + "refsource": "CERT-VN", + "name": "VU#321640", + "url": "https://www.kb.cert.org/vuls/id/321640" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", + "url": "http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", + "url": "http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", @@ -141,6 +206,11 @@ "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } diff --git a/2016/7xxx/CVE-2016-7433.json b/2016/7xxx/CVE-2016-7433.json index e1e81200a25..435f6462454 100644 --- a/2016/7xxx/CVE-2016-7433.json +++ b/2016/7xxx/CVE-2016-7433.json @@ -107,10 +107,75 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug3067" }, + { + "refsource": "BUGTRAQ", + "name": "20170310 [security bulletin] HPESBUX03706 rev.1 - HP-UX NTP service running ntpd, Multiple Vulnerabilities", + "url": "http://www.securityfocus.com/archive/1/540254/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20170310 [security bulletin] HPESBUX03706 rev.1 - HP-UX NTP service running ntpd, Multiple Vulnerabilities", + "url": "http://www.securityfocus.com/archive/1/archive/1/540254/100/0/threaded" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2016:3280", + "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-3349-1", + "url": "http://www.ubuntu.com/usn/USN-3349-1" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-e8a8561ee7", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PABKEYX6ABBFJZGMXKH57X756EJUDS3C/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-7209ab4e02", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5E3XBBCK5IXOLDAH2E4M3QKIYIHUMMP/" + }, + { + "refsource": "CONFIRM", + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-ntpd-en", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-ntpd-en" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-c198d15316", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ILMSYVQMMF37MANYEO7KBHOPSC74EKGN/" + }, + { + "refsource": "CONFIRM", + "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-227/", + "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-227/" + }, + { + "refsource": "BUGTRAQ", + "name": "20161222 FreeBSD Security Advisory FreeBSD-SA-16:39.ntp", + "url": "http://www.securityfocus.com/archive/1/539955/100/0/threaded" + }, + { + "refsource": "CONFIRM", + "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-227", + "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-227" + }, + { + "refsource": "BUGTRAQ", + "name": "20161222 FreeBSD Security Advisory FreeBSD-SA-16:39.ntp", + "url": "http://www.securityfocus.com/archive/1/archive/1/539955/100/0/threaded" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } diff --git a/2018/8xxx/CVE-2018-8012.json b/2018/8xxx/CVE-2018-8012.json index 29550964b9b..1623f829b7a 100644 --- a/2018/8xxx/CVE-2018-8012.json +++ b/2018/8xxx/CVE-2018-8012.json @@ -97,6 +97,11 @@ "refsource": "MLIST", "name": "[jackrabbit-dev] 20210716 [GitHub] [jackrabbit-oak] nit0906 opened a new pull request #326: OAK-9496 | Update zookeeper version to handle CVE-2018-8012", "url": "https://lists.apache.org/thread.html/r8f0d920805af93033c488af89104e2d682662bacfb8406db865d5e14@%3Cdev.jackrabbit.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[jackrabbit-dev] 20210716 [GitHub] [jackrabbit-oak] nit0906 commented on pull request #326: OAK-9496 | Update zookeeper version to handle CVE-2018-8012", + "url": "https://lists.apache.org/thread.html/rc5bc4ddb0deabf8cfb69378cecee56fcdc76929bea9e6373cb863870@%3Cdev.jackrabbit.apache.org%3E" } ] } diff --git a/2019/12xxx/CVE-2019-12900.json b/2019/12xxx/CVE-2019-12900.json index 42352ef7dc3..9dcd1aeb8ed 100644 --- a/2019/12xxx/CVE-2019-12900.json +++ b/2019/12xxx/CVE-2019-12900.json @@ -156,6 +156,11 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS", "url": "https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS" + }, + { + "refsource": "MLIST", + "name": "[flink-user] 20210716 Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni", + "url": "https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E" } ] } diff --git a/2021/1xxx/CVE-2021-1422.json b/2021/1xxx/CVE-2021-1422.json index dde9ec7fa6f..51e84f8dbff 100644 --- a/2021/1xxx/CVE-2021-1422.json +++ b/2021/1xxx/CVE-2021-1422.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition.\r The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data.\r Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0.\r " + "value": "A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data. Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28114.json b/2021/28xxx/CVE-2021-28114.json index edecae3268f..b132e4a9f47 100644 --- a/2021/28xxx/CVE-2021-28114.json +++ b/2021/28xxx/CVE-2021-28114.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-28114", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-28114", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://labs.bishopfox.com/advisories", + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories" + }, + { + "url": "https://froala.com/wysiwyg-editor/", + "refsource": "MISC", + "name": "https://froala.com/wysiwyg-editor/" + }, + { + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories/froala-editor-v3.2.6", + "url": "https://labs.bishopfox.com/advisories/froala-editor-v3.2.6" } ] }