diff --git a/2022/1xxx/CVE-2022-1883.json b/2022/1xxx/CVE-2022-1883.json index 982d9b32bfd..51ff151fd72 100644 --- a/2022/1xxx/CVE-2022-1883.json +++ b/2022/1xxx/CVE-2022-1883.json @@ -1,89 +1,89 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2022-1883", - "STATE": "PUBLIC", - "TITLE": " SQL Injection in camptocamp/terraboard" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "camptocamp/terraboard", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "2.2.0" - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2022-1883", + "STATE": "PUBLIC", + "TITLE": " SQL Injection in camptocamp/terraboard" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "camptocamp/terraboard", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "2.2.0" + } + ] + } + } + ] + }, + "vendor_name": "camptocamp" } - } ] - }, - "vendor_name": "camptocamp" } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": " SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0." - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 9.6, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command" - } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/a25d15bd-cd23-487e-85cd-587960f1b9e7", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/a25d15bd-cd23-487e-85cd-587960f1b9e7" - }, - { - "name": "https://github.com/camptocamp/terraboard/commit/2a5dbaac015dc0714b41a59995e24f5767f89ddc", - "refsource": "MISC", - "url": "https://github.com/camptocamp/terraboard/commit/2a5dbaac015dc0714b41a59995e24f5767f89ddc" - } - ] - }, - "source": { - "advisory": "a25d15bd-cd23-487e-85cd-587960f1b9e7", - "discovery": "EXTERNAL" - } + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 9.6, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/a25d15bd-cd23-487e-85cd-587960f1b9e7", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/a25d15bd-cd23-487e-85cd-587960f1b9e7" + }, + { + "name": "https://github.com/camptocamp/terraboard/commit/2a5dbaac015dc0714b41a59995e24f5767f89ddc", + "refsource": "MISC", + "url": "https://github.com/camptocamp/terraboard/commit/2a5dbaac015dc0714b41a59995e24f5767f89ddc" + } + ] + }, + "source": { + "advisory": "a25d15bd-cd23-487e-85cd-587960f1b9e7", + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/21xxx/CVE-2022-21951.json b/2022/21xxx/CVE-2022-21951.json index 8e5128a0a7b..a878c6673e0 100644 --- a/2022/21xxx/CVE-2022-21951.json +++ b/2022/21xxx/CVE-2022-21951.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "security@suse.de", + "ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2022-05-25T00:00:00.000Z", "ID": "CVE-2022-21951", "STATE": "PUBLIC", @@ -50,7 +50,7 @@ "description_data": [ { "lang": "eng", - "value": "A Missing Encryption of Sensitive Data vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden\nThis issue affects:\nSUSE Rancher\nRancher versions prior to 2.5.14;\nRancher versions prior to 2.6.5." + "value": "A Missing Encryption of Sensitive Data vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden This issue affects: SUSE Rancher Rancher versions prior to 2.5.14; Rancher versions prior to 2.6.5." } ] },