admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-05-24 05:00:39 +00:00
parent 810efddbcf
commit ca314d6a7b
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
4 changed files with 137 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2020/14xxx/CVE-2020-14145.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client)."
"value": "The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected."
}
]
},

2
2021/29xxx/CVE-2021-29921.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Improper input validation of octal strings in Python stdlib ipaddress 3.10 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that rely on Python stdlib ipaddress. IP address octects are left stripped instead of evaluated as valid IP addresses."
"value": "In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses."
}
]
},

76
2021/33xxx/CVE-2021-33496.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-33496",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-33496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Dutchcoders transfer.sh before 1.2.4 allows XSS via an inline view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4",
"refsource": "MISC",
"name": "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4"
},
{
"url": "https://github.com/dutchcoders/transfer.sh/commit/9df18fdc69de2e71f30d8c1e6bfab2fda2e52eb4",
"refsource": "MISC",
"name": "https://github.com/dutchcoders/transfer.sh/commit/9df18fdc69de2e71f30d8c1e6bfab2fda2e52eb4"
},
{
"refsource": "MISC",
"name": "https://vuln.ryotak.me/advisories/43",
"url": "https://vuln.ryotak.me/advisories/43"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/dutchcoders/transfer.sh/pull/373",
"url": "https://github.com/dutchcoders/transfer.sh/pull/373"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4",
"url": "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4"
}
]
}

71
2021/33xxx/CVE-2021-33497.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-33497",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-33497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Dutchcoders transfer.sh before 1.2.4 allows Directory Traversal for deleting files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4",
"refsource": "MISC",
"name": "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/dutchcoders/transfer.sh/pull/373",
"url": "https://github.com/dutchcoders/transfer.sh/pull/373"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4",
"url": "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4"
},
{
"refsource": "MISC",
"name": "https://vuln.ryotak.me/advisories/44",
"url": "https://vuln.ryotak.me/advisories/44"
}
]
}