From ccf496b93d621d71bd2aacff7a31e31074a0d9e7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 14 Sep 2020 21:01:30 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/8xxx/CVE-2016-8624.json | 5 +++ 2017/14xxx/CVE-2017-14063.json | 5 +++ 2019/17xxx/CVE-2019-17638.json | 5 +++ 2020/11xxx/CVE-2020-11881.json | 61 ++++++++++++++++++++++++++++++---- 2020/12xxx/CVE-2020-12872.json | 7 +++- 5 files changed, 76 insertions(+), 7 deletions(-) diff --git a/2016/8xxx/CVE-2016-8624.json b/2016/8xxx/CVE-2016-8624.json index 5fad13c95ec..92ba742c97f 100644 --- a/2016/8xxx/CVE-2016-8624.json +++ b/2016/8xxx/CVE-2016-8624.json @@ -112,6 +112,11 @@ "name": "94103", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94103" + }, + { + "refsource": "MLIST", + "name": "[pulsar-commits] 20200914 [GitHub] [pulsar] klwilson227 opened a new issue #8061: CVE-2017-14063", + "url": "https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5@%3Ccommits.pulsar.apache.org%3E" } ] } diff --git a/2017/14xxx/CVE-2017-14063.json b/2017/14xxx/CVE-2017-14063.json index 2ac8b66e309..95ecf7a7e4e 100644 --- a/2017/14xxx/CVE-2017-14063.json +++ b/2017/14xxx/CVE-2017-14063.json @@ -66,6 +66,11 @@ "name": "http://openwall.com/lists/oss-security/2017/08/31/4", "refsource": "MISC", "url": "http://openwall.com/lists/oss-security/2017/08/31/4" + }, + { + "refsource": "MLIST", + "name": "[pulsar-commits] 20200914 [GitHub] [pulsar] klwilson227 opened a new issue #8061: CVE-2017-14063", + "url": "https://lists.apache.org/thread.html/rfaa4d578587f52a9c4d176af516a681a712c664e3be440a4163691d5@%3Ccommits.pulsar.apache.org%3E" } ] } diff --git a/2019/17xxx/CVE-2019-17638.json b/2019/17xxx/CVE-2019-17638.json index 85742ea694a..b5c6a749d54 100644 --- a/2019/17xxx/CVE-2019-17638.json +++ b/2019/17xxx/CVE-2019-17638.json @@ -89,6 +89,11 @@ "refsource": "MLIST", "name": "[pulsar-commits] 20200912 [GitHub] [pulsar] codelipenghui closed issue #7970: pulsar-client vulnerability CVE-2019-17638", "url": "https://lists.apache.org/thread.html/r378e4cdec15e132575aa1dcb6296ffeff2a896745a8991522e266ad4@%3Ccommits.pulsar.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[pulsar-commits] 20200914 [GitHub] [pulsar] klwilson227 opened a new issue #8060: CVE-2019-17638 jetty server", + "url": "https://lists.apache.org/thread.html/ra8661fc8c69c647cb06153c1485d48484a833d873f75dfe45937e9de@%3Ccommits.pulsar.apache.org%3E" } ] } diff --git a/2020/11xxx/CVE-2020-11881.json b/2020/11xxx/CVE-2020-11881.json index 13597c8ff40..1cdbb9f516e 100644 --- a/2020/11xxx/CVE-2020-11881.json +++ b/2020/11xxx/CVE-2020-11881.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11881", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11881", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://mikrotik.com", + "refsource": "MISC", + "name": "https://mikrotik.com" + }, + { + "refsource": "MISC", + "name": "https://github.com/botlabsDev/CVE-2020-11881", + "url": "https://github.com/botlabsDev/CVE-2020-11881" } ] } diff --git a/2020/12xxx/CVE-2020-12872.json b/2020/12xxx/CVE-2020-12872.json index 35bcd5adfee..b650ea75057 100644 --- a/2020/12xxx/CVE-2020-12872.json +++ b/2020/12xxx/CVE-2020-12872.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks." + "value": "yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0." } ] }, @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "https://medium.com/@charlielabs101/cve-2020-12872-df315411aa70", "url": "https://medium.com/@charlielabs101/cve-2020-12872-df315411aa70" + }, + { + "refsource": "MISC", + "name": "https://github.com/erlyaws/yaws/issues/402", + "url": "https://github.com/erlyaws/yaws/issues/402" } ] }