admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-09-23 13:00:56 +00:00
parent 67c1eff4df
commit cadbf87cd3
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
41 changed files with 771 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
2021/22xxx/CVE-2021-22015.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22015",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Multiple local privilege escalation vulnerabilities"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance."
}
]
}

50
2021/22xxx/CVE-2021-22016.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22016",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server 6.7 before 6.7 U3o and VMware Cloud Foundation 3.x before 3.10.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Reflected XSS vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link."
}
]
}

50
2021/22xxx/CVE-2021-22017.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22017",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation 3.x before 3.10.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Rhttpproxy bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed."
}
]
}

50
2021/22xxx/CVE-2021-22018.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22018",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server 7.x before 7.0.2 U2d and VMware Cloud Foundation 4.x before 4.3.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "File deletion vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files."
}
]
}

50
2021/22xxx/CVE-2021-22019.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22019",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition."
}
]
}

50
2021/22xxx/CVE-2021-22020.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22020",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server."
}
]
}

5
2021/22xxx/CVE-2021-22931.json
View File

@ -53,6 +53,11 @@
"refsource": "MISC",
"name": "https://hackerone.com/reports/1178337",
"url": "https://hackerone.com/reports/1178337"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0001/"
}
]
},

5
2021/22xxx/CVE-2021-22940.json
View File

@ -53,6 +53,11 @@
"refsource": "MISC",
"name": "https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0001/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0001/"
}
]
},

50
2021/22xxx/CVE-2021-22941.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22941",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Citrix ShareFile storage zones controller",
"version": {
"version_data": [
{
"version_value": "5.11.20"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control - Generic (CWE-284)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.citrix.com/article/CTX328123",
"url": "https://support.citrix.com/article/CTX328123"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller."
}
]
}

50
2021/22xxx/CVE-2021-22945.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22945",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "https://github.com/curl/curl",
"version": {
"version_data": [
{
"version_value": "curl 7.73.0 to and including 7.78.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Double Free (CWE-415)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://hackerone.com/reports/1269242",
"url": "https://hackerone.com/reports/1269242"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*."
}
]
}

55
2021/22xxx/CVE-2021-22948.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22948",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "https://github.com/revive-adserver/revive-adserver",
"version": {
"version_data": [
{
"version_value": "Fixed version v5.3.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Reflected (CWE-79)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://hackerone.com/reports/1187820",
"url": "https://hackerone.com/reports/1187820"
},
{
"refsource": "MISC",
"name": "https://www.revive-adserver.com/security/revive-sa-2021-005/",
"url": "https://www.revive-adserver.com/security/revive-sa-2021-005/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the cryptographically insecure uniqid() PHP function. Under some circumstances, an attacker could theoretically be able to brute force session IDs in order to take over a specific account."
}
]
}

55
2021/22xxx/CVE-2021-22949.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22949",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "https://github.com/concrete5/concrete5",
"version": {
"version_data": [
{
"version_value": "Fixed in version 8.5.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery (CSRF) (CWE-352)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://hackerone.com/reports/1102225",
"url": "https://hackerone.com/reports/1102225"
},
{
"refsource": "MISC",
"name": "https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes",
"url": "https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: \"Solar Security CMS Research Team\""
}
]
}

55
2021/22xxx/CVE-2021-22950.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22950",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "https://github.com/concrete5/concrete5",
"version": {
"version_data": [
{
"version_value": "Fixed version 8.5.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery (CSRF) (CWE-352)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes",
"url": "https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes"
},
{
"refsource": "MISC",
"name": "https://hackerone.com/reports/1102177",
"url": "https://hackerone.com/reports/1102177"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Concrete CMS prior to 8.5.6 had a CSFR vulnerability allowing attachments to comments in the conversation section to be deleted.Credit for discovery: \"Solar Security Research Team\""
}
]
}

50
2021/22xxx/CVE-2021-22952.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22952",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "UniFi Talk application",
"version": {
"version_data": [
{
"version_value": "Fixed on 1.12.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Code Injection (CWE-94)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-020-020/8ce6a7e6-0cce-4814-8bbe-ee812cb94b1a",
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-020-020/8ce6a7e6-0cce-4814-8bbe-ee812cb94b1a"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability found in UniFi Talk application V1.12.3 and earlier permits a malicious actor who has already gained access to a network to subsequently control Talk device(s) assigned to said network if they are not yet adopted. This vulnerability is fixed in UniFi Talk application V1.12.5 and later."
}
]
}

55
2021/22xxx/CVE-2021-22953.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22953",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "https://github.com/concrete5/concrete5",
"version": {
"version_data": [
{
"version_value": "fixed in Concrete CMS version 8.5.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery (CSRF) (CWE-352)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://hackerone.com/reports/1102225",
"url": "https://hackerone.com/reports/1102225"
},
{
"refsource": "MISC",
"name": "https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes",
"url": "https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to clone topics which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: \"Solar Security Research Team\""
}
]
}

5
2021/29xxx/CVE-2021-29630.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:14.ggatec.asc",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:14.ggatec.asc"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0005/"
}
]
},

5
2021/29xxx/CVE-2021-29631.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:13.bhyve.asc",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:13.bhyve.asc"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0004/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0004/"
}
]
},

5
2021/34xxx/CVE-2021-34798.json
View File

@ -88,6 +88,11 @@
"refsource": "MLIST",
"name": "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info",
"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info",
"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E"
}
]
},

5
2021/35xxx/CVE-2021-35515.json
View File

@ -148,6 +148,11 @@
"refsource": "MLIST",
"name": "[skywalking-notifications] 20210802 [GitHub] [skywalking] codecov[bot] edited a comment on pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090",
"url": "https://lists.apache.org/thread.html/rb6e1fa80d34e5ada45f72655d84bfd90db0ca44ef19236a49198c88c@%3Cnotifications.skywalking.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[poi-dev] 20210923 Re: [VOTE] Apache POI 5.1.0 release (RC1)",
"url": "https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E"
}
]
},

5
2021/35xxx/CVE-2021-35516.json
View File

@ -133,6 +133,11 @@
"refsource": "MLIST",
"name": "[skywalking-notifications] 20210802 [GitHub] [skywalking] codecov[bot] edited a comment on pull request #7400: Fix CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090",
"url": "https://lists.apache.org/thread.html/rb6e1fa80d34e5ada45f72655d84bfd90db0ca44ef19236a49198c88c@%3Cnotifications.skywalking.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[poi-dev] 20210923 Re: [VOTE] Apache POI 5.1.0 release (RC1)",
"url": "https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E"
}
]
},

5
2021/35xxx/CVE-2021-35517.json
View File

@ -151,6 +151,11 @@
"refsource": "MLIST",
"name": "[flink-issues] 20210908 [GitHub] [flink] MartijnVisser opened a new pull request #17194: [FLINK-24034] Upgrade commons-compress to 1.21 and other apache.commons updates",
"url": "https://lists.apache.org/thread.html/r31f75743ac173b0a606f8ea6ea53f351f386c44e7bcf78ae04007c29@%3Cissues.flink.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[poi-dev] 20210923 Re: [VOTE] Apache POI 5.1.0 release (RC1)",
"url": "https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E"
}
]
},

5
2021/36xxx/CVE-2021-36090.json
View File

@ -206,6 +206,11 @@
"refsource": "MLIST",
"name": "[tomcat-dev] 20210811 [GitHub] [tomcat-jakartaee-migration] ebourg commented on issue #23: Vulnerability with Apache Commons Compress v1.20",
"url": "https://lists.apache.org/thread.html/r75ffc7a461e7e7ae77690fa75bd47bb71365c732e0fbcc44da4f8ff5@%3Cdev.tomcat.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[poi-dev] 20210923 Re: [VOTE] Apache POI 5.1.0 release (RC1)",
"url": "https://lists.apache.org/thread.html/r67ef3c07fe3b8c1b02d48012149d280ad6da8e4cec253b527520fb2b@%3Cdev.poi.apache.org%3E"
}
]
},

5
2021/36xxx/CVE-2021-36160.json
View File

@ -103,6 +103,11 @@
"refsource": "MLIST",
"name": "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info",
"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info",
"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E"
}
]
},

5
2021/37xxx/CVE-2021-37750.json
View File

@ -71,6 +71,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-f2c8514f02",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0002/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0002/"
}
]
}

5
2021/39xxx/CVE-2021-39139.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39139.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39139.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39140.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39140.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39140.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39141.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39141.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39141.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39144.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39144.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39144.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39145.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39145.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39145.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39146.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39146.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39146.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39147.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39147.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39147.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39148.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39148.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39148.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39149.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39149.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39149.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39150.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39150.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39150.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39151.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39151.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39151.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39152.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39152.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39152.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39153.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39153.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39153.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39154.json
View File

@ -86,6 +86,11 @@
"name": "https://x-stream.github.io/CVE-2021-39154.html",
"refsource": "MISC",
"url": "https://x-stream.github.io/CVE-2021-39154.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
}
]
},

5
2021/39xxx/CVE-2021-39275.json
View File

@ -88,6 +88,11 @@
"refsource": "MLIST",
"name": "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info",
"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info",
"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E"
}
]
},

5
2021/3xxx/CVE-2021-3713.json
View File

@ -53,6 +53,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210902 [SECURITY] [DLA 2753-1] qemu security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210923-0006/",
"url": "https://security.netapp.com/advisory/ntap-20210923-0006/"
}
]
},

5
2021/40xxx/CVE-2021-40438.json
View File

@ -88,6 +88,11 @@
"refsource": "MLIST",
"name": "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info",
"url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info",
"url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E"
}
]
},