From ce8def3a1dca07feaad7b73dc652b1d4ca2c8a87 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 25 Oct 2023 17:36:51 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/10xxx/CVE-2019-10307.json | 69 +++++++++---------- 2019/10xxx/CVE-2019-10308.json | 69 +++++++++---------- 2019/10xxx/CVE-2019-10309.json | 81 +++++++++++----------- 2019/10xxx/CVE-2019-10310.json | 81 +++++++++++----------- 2019/10xxx/CVE-2019-10311.json | 69 +++++++++---------- 2019/10xxx/CVE-2019-10312.json | 69 +++++++++---------- 2019/10xxx/CVE-2019-10313.json | 69 +++++++++---------- 2019/10xxx/CVE-2019-10314.json | 69 +++++++++---------- 2019/10xxx/CVE-2019-10315.json | 69 +++++++++---------- 2019/10xxx/CVE-2019-10316.json | 69 +++++++++---------- 2019/10xxx/CVE-2019-10317.json | 69 +++++++++---------- 2019/10xxx/CVE-2019-10318.json | 69 +++++++++---------- 2019/10xxx/CVE-2019-10319.json | 63 +++++++++--------- 2019/10xxx/CVE-2019-10320.json | 103 ++++++++++++++-------------- 2020/2xxx/CVE-2020-2250.json | 69 +++++++++---------- 2020/2xxx/CVE-2020-2251.json | 87 +++++++++++++----------- 2020/2xxx/CVE-2020-2252.json | 91 +++++++++++++------------ 2020/2xxx/CVE-2020-2253.json | 91 +++++++++++++------------ 2020/2xxx/CVE-2020-2254.json | 83 ++++++++++++----------- 2020/2xxx/CVE-2020-2255.json | 83 ++++++++++++----------- 2020/2xxx/CVE-2020-2256.json | 67 ++++++++++--------- 2020/2xxx/CVE-2020-2257.json | 67 ++++++++++--------- 2020/2xxx/CVE-2020-2258.json | 91 +++++++++++++------------ 2020/2xxx/CVE-2020-2259.json | 67 ++++++++++--------- 2020/2xxx/CVE-2020-2260.json | 67 ++++++++++--------- 2020/2xxx/CVE-2020-2261.json | 67 ++++++++++--------- 2020/2xxx/CVE-2020-2262.json | 85 +++++++++++++----------- 2020/2xxx/CVE-2020-2263.json | 85 +++++++++++++----------- 2020/2xxx/CVE-2020-2264.json | 85 +++++++++++++----------- 2021/21xxx/CVE-2021-21632.json | 76 ++++++++++----------- 2021/21xxx/CVE-2021-21633.json | 76 ++++++++++----------- 2021/21xxx/CVE-2021-21634.json | 67 ++++++++++--------- 2021/21xxx/CVE-2021-21635.json | 67 ++++++++++--------- 2021/21xxx/CVE-2021-21636.json | 87 +++++++++++++----------- 2021/21xxx/CVE-2021-21637.json | 87 +++++++++++++----------- 2021/21xxx/CVE-2021-21638.json | 87 +++++++++++++----------- 2021/21xxx/CVE-2021-21639.json | 71 ++++++++++---------- 2021/21xxx/CVE-2021-21640.json | 71 ++++++++++---------- 2021/21xxx/CVE-2021-21641.json | 83 ++++++++++++----------- 2021/21xxx/CVE-2021-21642.json | 67 ++++++++++--------- 2021/21xxx/CVE-2021-21643.json | 67 ++++++++++--------- 2021/21xxx/CVE-2021-21644.json | 67 ++++++++++--------- 2021/21xxx/CVE-2021-21645.json | 67 ++++++++++--------- 2021/21xxx/CVE-2021-21646.json | 67 ++++++++++--------- 2022/34xxx/CVE-2022-34212.json | 79 ++++++++++++---------- 2022/34xxx/CVE-2022-34213.json | 79 ++++++++++++---------- 2022/34xxx/CVE-2022-34777.json | 61 ++++++++--------- 2022/34xxx/CVE-2022-34778.json | 61 ++++++++--------- 2022/34xxx/CVE-2022-34779.json | 63 +++++++++--------- 2022/34xxx/CVE-2022-34780.json | 63 +++++++++--------- 2022/34xxx/CVE-2022-34781.json | 63 +++++++++--------- 2022/34xxx/CVE-2022-34782.json | 61 ++++++++--------- 2022/34xxx/CVE-2022-34783.json | 79 ++++++++++++---------- 2022/34xxx/CVE-2022-34784.json | 77 +++++++++++---------- 2022/34xxx/CVE-2022-34785.json | 79 ++++++++++++---------- 2022/34xxx/CVE-2022-34786.json | 79 ++++++++++++---------- 2022/34xxx/CVE-2022-34787.json | 79 ++++++++++++---------- 2022/34xxx/CVE-2022-34788.json | 79 ++++++++++++---------- 2022/36xxx/CVE-2022-36069.json | 118 ++++++++++++++++++--------------- 2023/20xxx/CVE-2023-20198.json | 5 ++ 2023/3xxx/CVE-2023-3858.json | 3 +- 2023/3xxx/CVE-2023-3859.json | 3 +- 2023/3xxx/CVE-2023-3860.json | 3 +- 2023/3xxx/CVE-2023-3861.json | 3 +- 2023/3xxx/CVE-2023-3862.json | 3 +- 2023/3xxx/CVE-2023-3871.json | 3 +- 2023/3xxx/CVE-2023-3872.json | 3 +- 2023/3xxx/CVE-2023-3873.json | 3 +- 2023/3xxx/CVE-2023-3874.json | 3 +- 2023/3xxx/CVE-2023-3875.json | 3 +- 2023/3xxx/CVE-2023-3876.json | 3 +- 2023/3xxx/CVE-2023-3877.json | 3 +- 2023/3xxx/CVE-2023-3878.json | 3 +- 2023/3xxx/CVE-2023-3879.json | 3 +- 2023/46xxx/CVE-2023-46071.json | 85 ++++++++++++++++++++++-- 2023/46xxx/CVE-2023-46610.json | 18 +++++ 2023/46xxx/CVE-2023-46611.json | 18 +++++ 2023/46xxx/CVE-2023-46612.json | 18 +++++ 2023/46xxx/CVE-2023-46613.json | 18 +++++ 2023/46xxx/CVE-2023-46614.json | 18 +++++ 2023/46xxx/CVE-2023-46615.json | 18 +++++ 2023/46xxx/CVE-2023-46616.json | 18 +++++ 2023/46xxx/CVE-2023-46617.json | 18 +++++ 2023/46xxx/CVE-2023-46618.json | 18 +++++ 2023/46xxx/CVE-2023-46619.json | 18 +++++ 2023/46xxx/CVE-2023-46620.json | 18 +++++ 2023/46xxx/CVE-2023-46621.json | 18 +++++ 2023/4xxx/CVE-2023-4585.json | 4 +- 2023/5xxx/CVE-2023-5146.json | 3 +- 2023/5xxx/CVE-2023-5147.json | 3 +- 2023/5xxx/CVE-2023-5148.json | 3 +- 2023/5xxx/CVE-2023-5149.json | 3 +- 2023/5xxx/CVE-2023-5150.json | 3 +- 2023/5xxx/CVE-2023-5151.json | 3 +- 2023/5xxx/CVE-2023-5152.json | 18 +++-- 2023/5xxx/CVE-2023-5153.json | 3 +- 2023/5xxx/CVE-2023-5154.json | 3 +- 2023/5xxx/CVE-2023-5221.json | 3 +- 2023/5xxx/CVE-2023-5222.json | 3 +- 2023/5xxx/CVE-2023-5732.json | 41 +++++++++++- 100 files changed, 2725 insertions(+), 2146 deletions(-) create mode 100644 2023/46xxx/CVE-2023-46610.json create mode 100644 2023/46xxx/CVE-2023-46611.json create mode 100644 2023/46xxx/CVE-2023-46612.json create mode 100644 2023/46xxx/CVE-2023-46613.json create mode 100644 2023/46xxx/CVE-2023-46614.json create mode 100644 2023/46xxx/CVE-2023-46615.json create mode 100644 2023/46xxx/CVE-2023-46616.json create mode 100644 2023/46xxx/CVE-2023-46617.json create mode 100644 2023/46xxx/CVE-2023-46618.json create mode 100644 2023/46xxx/CVE-2023-46619.json create mode 100644 2023/46xxx/CVE-2023-46620.json create mode 100644 2023/46xxx/CVE-2023-46621.json diff --git a/2019/10xxx/CVE-2019-10307.json b/2019/10xxx/CVE-2019-10307.json index e63e221b094..1b4e19d356f 100644 --- a/2019/10xxx/CVE-2019-10307.json +++ b/2019/10xxx/CVE-2019-10307.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10307", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Static Analysis Utilities Plugin", - "version": { - "version_data": [ - { - "version_value": "1.95 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,27 +21,51 @@ "description": [ { "lang": "eng", - "value": "CWE-352" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Static Analysis Utilities Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.95 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" }, { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1100", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1100" } ] diff --git a/2019/10xxx/CVE-2019-10308.json b/2019/10xxx/CVE-2019-10308.json index afd62c7e89e..be33f298681 100644 --- a/2019/10xxx/CVE-2019-10308.json +++ b/2019/10xxx/CVE-2019-10308.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10308", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Static Analysis Utilities Plugin", - "version": { - "version_data": [ - { - "version_value": "1.95 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,27 +21,51 @@ "description": [ { "lang": "eng", - "value": "CWE-285" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Static Analysis Utilities Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.95 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" }, { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1100", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1100" } ] diff --git a/2019/10xxx/CVE-2019-10309.json b/2019/10xxx/CVE-2019-10309.json index 597367339f6..f33fad11d5f 100644 --- a/2019/10xxx/CVE-2019-10309.json +++ b/2019/10xxx/CVE-2019-10309.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10309", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Self-Organizing Swarm Plug-in Modules Plugin", - "version": { - "version_data": [ - { - "version_value": "3.15 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,32 +21,56 @@ "description": [ { "lang": "eng", - "value": "CWE-611" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Self-Organizing Swarm Plug-in Modules Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "3.15 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" - }, - { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" - }, - { + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0783", - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0783" + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + }, + { + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0783", + "refsource": "MISC", + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0783" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1252", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1252" } ] diff --git a/2019/10xxx/CVE-2019-10310.json b/2019/10xxx/CVE-2019-10310.json index ea443f4557a..f64f52e7b1b 100644 --- a/2019/10xxx/CVE-2019-10310.json +++ b/2019/10xxx/CVE-2019-10310.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10310", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Ansible Tower Plugin", - "version": { - "version_data": [ - { - "version_value": "0.9.1 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,32 +21,56 @@ "description": [ { "lang": "eng", - "value": "CWE-352" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Ansible Tower Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.9.1 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" - }, - { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" - }, - { + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", "refsource": "MISC", - "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0786", - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0786" + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + }, + { + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" + }, + { + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0786", + "refsource": "MISC", + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0786" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355" } ] diff --git a/2019/10xxx/CVE-2019-10311.json b/2019/10xxx/CVE-2019-10311.json index b052336204a..ecdaa44a6b6 100644 --- a/2019/10xxx/CVE-2019-10311.json +++ b/2019/10xxx/CVE-2019-10311.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10311", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Ansible Tower Plugin", - "version": { - "version_data": [ - { - "version_value": "0.9.1 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,27 +21,51 @@ "description": [ { "lang": "eng", - "value": "CWE-285" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Ansible Tower Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.9.1 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" }, { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355" } ] diff --git a/2019/10xxx/CVE-2019-10312.json b/2019/10xxx/CVE-2019-10312.json index 16ac8f94141..4d11b3b3524 100644 --- a/2019/10xxx/CVE-2019-10312.json +++ b/2019/10xxx/CVE-2019-10312.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10312", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Ansible Tower Plugin", - "version": { - "version_data": [ - { - "version_value": "0.9.1 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,27 +21,51 @@ "description": [ { "lang": "eng", - "value": "CWE-285" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Ansible Tower Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.9.1 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" }, { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355" } ] diff --git a/2019/10xxx/CVE-2019-10313.json b/2019/10xxx/CVE-2019-10313.json index 95537795191..dd9705138b1 100644 --- a/2019/10xxx/CVE-2019-10313.json +++ b/2019/10xxx/CVE-2019-10313.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10313", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Twitter Plugin", - "version": { - "version_data": [ - { - "version_value": "0.7 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,27 +21,51 @@ "description": [ { "lang": "eng", - "value": "CWE-256" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Twitter Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.7 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" }, { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1143", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1143" } ] diff --git a/2019/10xxx/CVE-2019-10314.json b/2019/10xxx/CVE-2019-10314.json index 5b3cdc29c29..d318cd97b69 100644 --- a/2019/10xxx/CVE-2019-10314.json +++ b/2019/10xxx/CVE-2019-10314.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10314", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Koji Plugin", - "version": { - "version_data": [ - { - "version_value": "0.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,27 +21,51 @@ "description": [ { "lang": "eng", - "value": "CWE-295" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Koji Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" }, { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-936", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-936" } ] diff --git a/2019/10xxx/CVE-2019-10315.json b/2019/10xxx/CVE-2019-10315.json index 5196b545d60..6aadf8ebd2a 100644 --- a/2019/10xxx/CVE-2019-10315.json +++ b/2019/10xxx/CVE-2019-10315.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10315", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins GitHub Authentication Plugin", - "version": { - "version_data": [ - { - "version_value": "0.31 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,27 +21,51 @@ "description": [ { "lang": "eng", - "value": "CWE-352" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins GitHub Authentication Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.31 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" }, { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-443", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-443" } ] diff --git a/2019/10xxx/CVE-2019-10316.json b/2019/10xxx/CVE-2019-10316.json index 5faf5b0fbda..4feaf04f0c5 100644 --- a/2019/10xxx/CVE-2019-10316.json +++ b/2019/10xxx/CVE-2019-10316.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10316", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Aqua MicroScanner Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0.5 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,27 +21,51 @@ "description": [ { "lang": "eng", - "value": "CWE-256" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Aqua MicroScanner Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0.5 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" }, { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1380", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1380" } ] diff --git a/2019/10xxx/CVE-2019-10317.json b/2019/10xxx/CVE-2019-10317.json index 73eed33e52d..6f08b6a28b4 100644 --- a/2019/10xxx/CVE-2019-10317.json +++ b/2019/10xxx/CVE-2019-10317.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10317", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins SiteMonitor Plugin", - "version": { - "version_data": [ - { - "version_value": "0.5 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,27 +21,51 @@ "description": [ { "lang": "eng", - "value": "CWE-295" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins SiteMonitor Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.5 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" }, { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-930", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-930" } ] diff --git a/2019/10xxx/CVE-2019-10318.json b/2019/10xxx/CVE-2019-10318.json index 64fb6c83e25..b9255835ba5 100644 --- a/2019/10xxx/CVE-2019-10318.json +++ b/2019/10xxx/CVE-2019-10318.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10318", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Azure AD Plugin", - "version": { - "version_data": [ - { - "version_value": "0.3.3 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,27 +21,51 @@ "description": [ { "lang": "eng", - "value": "CWE-256" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Azure AD Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "0.3.3 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5" + "url": "http://www.openwall.com/lists/oss-security/2019/04/30/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/04/30/5" }, { - "refsource": "BID", - "name": "108159", - "url": "http://www.securityfocus.com/bid/108159" + "url": "http://www.securityfocus.com/bid/108159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108159" }, { "url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1390", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1390" } ] diff --git a/2019/10xxx/CVE-2019-10319.json b/2019/10xxx/CVE-2019-10319.json index 86e55b1c2dc..130ca58a602 100644 --- a/2019/10xxx/CVE-2019-10319.json +++ b/2019/10xxx/CVE-2019-10319.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10319", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins PAM Authentication Plugin", - "version": { - "version_data": [ - { - "version_value": "1.5 and earlier, except 1.4.1" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,22 +21,46 @@ "description": [ { "lang": "eng", - "value": "CWE-285" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins PAM Authentication Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.5 and earlier, except 1.4.1" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190521 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/05/21/1" + "url": "http://www.openwall.com/lists/oss-security/2019/05/21/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/05/21/1" }, { "url": "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1316", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1316" } ] diff --git a/2019/10xxx/CVE-2019-10320.json b/2019/10xxx/CVE-2019-10320.json index cdcdd202946..b296be0389e 100644 --- a/2019/10xxx/CVE-2019-10320.json +++ b/2019/10xxx/CVE-2019-10320.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2019-10320", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Credentials Plugin", - "version": { - "version_data": [ - { - "version_value": "2.1.18 and earlier" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -44,47 +21,71 @@ "description": [ { "lang": "eng", - "value": "CWE-200" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Credentials Plugin", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.1.18 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "refsource": "MLIST", - "name": "[oss-security] 20190521 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2019/05/21/1" - }, - { - "refsource": "FULLDISC", - "name": "20190524 Exploring the File System via Jenkins Credentials Plugin Vulnerability - CVE-2019-10320", - "url": "http://seclists.org/fulldisclosure/2019/May/39" - }, - { - "refsource": "BID", - "name": "108462", - "url": "http://www.securityfocus.com/bid/108462" - }, - { + "url": "http://www.openwall.com/lists/oss-security/2019/05/21/1", "refsource": "MISC", - "name": "https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320/", - "url": "https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320/" + "name": "http://www.openwall.com/lists/oss-security/2019/05/21/1" }, { - "refsource": "REDHAT", - "name": "RHBA-2019:1605", - "url": "https://access.redhat.com/errata/RHBA-2019:1605" + "url": "http://seclists.org/fulldisclosure/2019/May/39", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2019/May/39" }, { - "refsource": "REDHAT", - "name": "RHSA-2019:1636", - "url": "https://access.redhat.com/errata/RHSA-2019:1636" + "url": "http://www.securityfocus.com/bid/108462", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108462" + }, + { + "url": "https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320/", + "refsource": "MISC", + "name": "https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320/" + }, + { + "url": "https://access.redhat.com/errata/RHBA-2019:1605", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHBA-2019:1605" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2019:1636", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2019:1636" }, { "url": "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322", - "refsource": "CONFIRM", + "refsource": "MISC", "name": "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322" } ] diff --git a/2020/2xxx/CVE-2020-2250.json b/2020/2xxx/CVE-2020-2250.json index 2cabcd4db95..eaf143eaf77 100644 --- a/2020/2xxx/CVE-2020-2250.json +++ b/2020/2xxx/CVE-2020-2250.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2250", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins SoapUI Pro Functional Testing Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-256: Unprotected Storage of Credentials" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins SoapUI Pro Functional Testing Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.3" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(1)", - "url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(1)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20%281%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20%281%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/01/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/01/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/01/3" } ] } diff --git a/2020/2xxx/CVE-2020-2251.json b/2020/2xxx/CVE-2020-2251.json index 0b1aa40ddc3..1226f76e5d3 100644 --- a/2020/2xxx/CVE-2020-2251.json +++ b/2020/2xxx/CVE-2020-2251.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2251", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins SoapUI Pro Functional Testing Plugin", - "version": { - "version_data": [ - { - "version_value": "1.5", - "version_affected": "<=" - }, - { - "version_value": "1.5", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-319: Cleartext Transmission of Sensitive Information" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins SoapUI Pro Functional Testing Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.5", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.5", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(2)", - "url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(2)", - "refsource": "CONFIRM" + "url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20%282%29", + "refsource": "MISC", + "name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20%282%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/01/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/01/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/01/3" } ] } diff --git a/2020/2xxx/CVE-2020-2252.json b/2020/2xxx/CVE-2020-2252.json index eafc0f8d9f4..ed692b4beb2 100644 --- a/2020/2xxx/CVE-2020-2252.json +++ b/2020/2xxx/CVE-2020-2252.json @@ -1,44 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2252", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Mailer Plugin", - "version": { - "version_data": [ - { - "version_value": "1.32", - "version_affected": "<=" - }, - { - "version_value": "1.29.1", - "version_affected": "!" - }, - { - "version_value": "1.31.1", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -53,23 +21,64 @@ "description": [ { "lang": "eng", - "value": "CWE-297: Improper Validation of Certificate with Host Mismatch" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Mailer Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.32", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "1.29.1" + }, + { + "status": "unaffected", + "version": "1.31.1" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2253.json b/2020/2xxx/CVE-2020-2253.json index 92556a98507..9a0beca7ff1 100644 --- a/2020/2xxx/CVE-2020-2253.json +++ b/2020/2xxx/CVE-2020-2253.json @@ -1,44 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2253", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Email Extension Plugin", - "version": { - "version_data": [ - { - "version_value": "2.75", - "version_affected": "<=" - }, - { - "version_value": "2.69.1", - "version_affected": "!" - }, - { - "version_value": "2.68.1", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -53,23 +21,64 @@ "description": [ { "lang": "eng", - "value": "CWE-297: Improper Validation of Certificate with Host Mismatch" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Email Extension Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "2.75", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "2.69.1" + }, + { + "status": "unaffected", + "version": "2.68.1" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2254.json b/2020/2xxx/CVE-2020-2254.json index 1eab21e16aa..021b4cbb91a 100644 --- a/2020/2xxx/CVE-2020-2254.json +++ b/2020/2xxx/CVE-2020-2254.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2254", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Blue Ocean Plugin", - "version": { - "version_data": [ - { - "version_value": "1.23.2", - "version_affected": "<=" - }, - { - "version_value": "1.19.2", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,60 @@ "description": [ { "lang": "eng", - "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Blue Ocean Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.23.2", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "1.19.2" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2255.json b/2020/2xxx/CVE-2020-2255.json index 1c17105a830..850375bea72 100644 --- a/2020/2xxx/CVE-2020-2255.json +++ b/2020/2xxx/CVE-2020-2255.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2255", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Blue Ocean Plugin", - "version": { - "version_data": [ - { - "version_value": "1.23.2", - "version_affected": "<=" - }, - { - "version_value": "1.19.2", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,60 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Blue Ocean Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.23.2", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "1.19.2" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2256.json b/2020/2xxx/CVE-2020-2256.json index b37f583e8b9..0686c8cc7c9 100644 --- a/2020/2xxx/CVE-2020-2256.json +++ b/2020/2xxx/CVE-2020-2256.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2256", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Pipeline Maven Integration Plugin", - "version": { - "version_data": [ - { - "version_value": "3.9.2", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Pipeline Maven Integration Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "3.9.2" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1976", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1976", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1976" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2257.json b/2020/2xxx/CVE-2020-2257.json index 0580bfa5387..1362ea749f1 100644 --- a/2020/2xxx/CVE-2020-2257.json +++ b/2020/2xxx/CVE-2020-2257.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2257", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Validating String Parameter Plugin", - "version": { - "version_data": [ - { - "version_value": "2.4", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Validating String Parameter Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.4" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1935", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1935", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1935" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2258.json b/2020/2xxx/CVE-2020-2258.json index b991c7d6626..5d0e38f7536 100644 --- a/2020/2xxx/CVE-2020-2258.json +++ b/2020/2xxx/CVE-2020-2258.json @@ -1,44 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2258", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Health Advisor by CloudBees Plugin", - "version": { - "version_data": [ - { - "version_value": "3.2.0", - "version_affected": "<=" - }, - { - "version_value": "3.1.1", - "version_affected": "!" - }, - { - "version_value": "3.0.2", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -53,23 +21,64 @@ "description": [ { "lang": "eng", - "value": "CWE-863: Incorrect Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Health Advisor by CloudBees Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "3.2.0", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "3.1.1" + }, + { + "status": "unaffected", + "version": "3.0.2" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1998", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1998", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1998" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2259.json b/2020/2xxx/CVE-2020-2259.json index af595b81197..22798cef7db 100644 --- a/2020/2xxx/CVE-2020-2259.json +++ b/2020/2xxx/CVE-2020-2259.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2259", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins computer-queue-plugin Plugin", - "version": { - "version_data": [ - { - "version_value": "1.5", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins computer-queue-plugin Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.5" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1912", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1912", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1912" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2260.json b/2020/2xxx/CVE-2020-2260.json index f1ad50ff5f2..fcf72260235 100644 --- a/2020/2xxx/CVE-2020-2260.json +++ b/2020/2xxx/CVE-2020-2260.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2260", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Perfecto Plugin", - "version": { - "version_data": [ - { - "version_value": "1.17", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Perfecto Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.17" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1979", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1979", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1979" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2261.json b/2020/2xxx/CVE-2020-2261.json index 3c2980bdc5f..476dda3ae87 100644 --- a/2020/2xxx/CVE-2020-2261.json +++ b/2020/2xxx/CVE-2020-2261.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2261", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Perfecto Plugin", - "version": { - "version_data": [ - { - "version_value": "1.17", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Perfecto Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.17" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1980", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1980", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1980" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2262.json b/2020/2xxx/CVE-2020-2262.json index 560f3e280f3..422a7aea5bf 100644 --- a/2020/2xxx/CVE-2020-2262.json +++ b/2020/2xxx/CVE-2020-2262.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2262", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Android Lint Plugin", - "version": { - "version_data": [ - { - "version_value": "2.6", - "version_affected": "<=" - }, - { - "version_value": "2.6", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Android Lint Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "2.6", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 2.6", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1908", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1908", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1908" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2263.json b/2020/2xxx/CVE-2020-2263.json index 4c44aa5c762..d824750cee3 100644 --- a/2020/2xxx/CVE-2020-2263.json +++ b/2020/2xxx/CVE-2020-2263.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2263", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Radiator View Plugin", - "version": { - "version_data": [ - { - "version_value": "1.29", - "version_affected": "<=" - }, - { - "version_value": "1.29", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Radiator View Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.29", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.29", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1927", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1927", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1927" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2020/2xxx/CVE-2020-2264.json b/2020/2xxx/CVE-2020-2264.json index f89a7fac447..8493f7b7e9d 100644 --- a/2020/2xxx/CVE-2020-2264.json +++ b/2020/2xxx/CVE-2020-2264.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2020-2264", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Custom Job Icon Plugin", - "version": { - "version_data": [ - { - "version_value": "0.2", - "version_affected": "<=" - }, - { - "version_value": "0.2", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Custom Job Icon Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "0.2", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 0.2", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1914", "url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1914", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1914" }, { - "refsource": "MLIST", - "name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3" + "url": "http://www.openwall.com/lists/oss-security/2020/09/16/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2020/09/16/3" } ] } diff --git a/2021/21xxx/CVE-2021-21632.json b/2021/21xxx/CVE-2021-21632.json index f64fa87f7fd..c8525de4ac0 100644 --- a/2021/21xxx/CVE-2021-21632.json +++ b/2021/21xxx/CVE-2021-21632.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21632", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins OWASP Dependency-Track Plugin", - "version": { - "version_data": [ - { - "version_value": "1.1.0", - "version_affected": ">=" - }, - { - "version_value": "3.1.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,53 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins OWASP Dependency-Track Plugin", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.1.0", + "version_value": "unspecified" + }, + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "3.1.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250", "url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1" + "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/03/30/1" } ] } diff --git a/2021/21xxx/CVE-2021-21633.json b/2021/21xxx/CVE-2021-21633.json index 3d140bafe3d..ef5245dc094 100644 --- a/2021/21xxx/CVE-2021-21633.json +++ b/2021/21xxx/CVE-2021-21633.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21633", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins OWASP Dependency-Track Plugin", - "version": { - "version_data": [ - { - "version_value": "1.1.0", - "version_affected": ">=" - }, - { - "version_value": "3.1.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,53 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins OWASP Dependency-Track Plugin", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.1.0", + "version_value": "unspecified" + }, + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "3.1.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250", "url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1" + "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/03/30/1" } ] } diff --git a/2021/21xxx/CVE-2021-21634.json b/2021/21xxx/CVE-2021-21634.json index a65a611163b..11023275fb3 100644 --- a/2021/21xxx/CVE-2021-21634.json +++ b/2021/21xxx/CVE-2021-21634.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21634", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Jabber (XMPP) notifier and control Plugin", - "version": { - "version_data": [ - { - "version_value": "1.41", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-256: Unprotected Storage of Credentials" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Jabber (XMPP) notifier and control Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.41" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2162", "url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2162", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2162" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1" + "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/03/30/1" } ] } diff --git a/2021/21xxx/CVE-2021-21635.json b/2021/21xxx/CVE-2021-21635.json index 03f7c5a0b00..5f22e9018c2 100644 --- a/2021/21xxx/CVE-2021-21635.json +++ b/2021/21xxx/CVE-2021-21635.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21635", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins REST List Parameter Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins REST List Parameter Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.3.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2261", "url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2261", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2261" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1" + "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/03/30/1" } ] } diff --git a/2021/21xxx/CVE-2021-21636.json b/2021/21xxx/CVE-2021-21636.json index 36d16f720ae..5859df105c4 100644 --- a/2021/21xxx/CVE-2021-21636.json +++ b/2021/21xxx/CVE-2021-21636.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21636", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Team Foundation Server Plugin", - "version": { - "version_data": [ - { - "version_value": "5.157.1", - "version_affected": "<=" - }, - { - "version_value": "5.157.1", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Team Foundation Server Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "5.157.1", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 5.157.1", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(1)", - "url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(1)", - "refsource": "CONFIRM" + "url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%281%29", + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%281%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1" + "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/03/30/1" } ] } diff --git a/2021/21xxx/CVE-2021-21637.json b/2021/21xxx/CVE-2021-21637.json index 451ff049bd1..e23ead69971 100644 --- a/2021/21xxx/CVE-2021-21637.json +++ b/2021/21xxx/CVE-2021-21637.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21637", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Team Foundation Server Plugin", - "version": { - "version_data": [ - { - "version_value": "5.157.1", - "version_affected": "<=" - }, - { - "version_value": "5.157.1", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Team Foundation Server Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "5.157.1", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 5.157.1", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(2)", - "url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(2)", - "refsource": "CONFIRM" + "url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%282%29", + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%282%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1" + "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/03/30/1" } ] } diff --git a/2021/21xxx/CVE-2021-21638.json b/2021/21xxx/CVE-2021-21638.json index 187df5eb2ab..3ba71e28b16 100644 --- a/2021/21xxx/CVE-2021-21638.json +++ b/2021/21xxx/CVE-2021-21638.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21638", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Team Foundation Server Plugin", - "version": { - "version_data": [ - { - "version_value": "5.157.1", - "version_affected": "<=" - }, - { - "version_value": "5.157.1", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,62 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Team Foundation Server Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "5.157.1", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 5.157.1", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(2)", - "url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(2)", - "refsource": "CONFIRM" + "url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%282%29", + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%282%29" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1" + "url": "http://www.openwall.com/lists/oss-security/2021/03/30/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/03/30/1" } ] } diff --git a/2021/21xxx/CVE-2021-21639.json b/2021/21xxx/CVE-2021-21639.json index 162f0274fef..b6f64f97997 100644 --- a/2021/21xxx/CVE-2021-21639.json +++ b/2021/21xxx/CVE-2021-21639.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21639", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.286", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.277.1", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-20: Improper Input Validation" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.286" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1721", "url": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1721", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1721" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210407 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/04/07/2" + "url": "http://www.openwall.com/lists/oss-security/2021/04/07/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/04/07/2" } ] } diff --git a/2021/21xxx/CVE-2021-21640.json b/2021/21xxx/CVE-2021-21640.json index 5bcc92872f9..8f9704734a8 100644 --- a/2021/21xxx/CVE-2021-21640.json +++ b/2021/21xxx/CVE-2021-21640.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21640", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins", - "version": { - "version_data": [ - { - "version_value": "2.286", - "version_affected": "<=" - }, - { - "version_value": "LTS 2.277.1", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-240: Improper Handling of Inconsistent Structural Elements" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.286" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1871", "url": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1871", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1871" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210407 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/04/07/2" + "url": "http://www.openwall.com/lists/oss-security/2021/04/07/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/04/07/2" } ] } diff --git a/2021/21xxx/CVE-2021-21641.json b/2021/21xxx/CVE-2021-21641.json index b69b0d50f6e..6bb05ca6f15 100644 --- a/2021/21xxx/CVE-2021-21641.json +++ b/2021/21xxx/CVE-2021-21641.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21641", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins promoted builds Plugin", - "version": { - "version_data": [ - { - "version_value": "3.9", - "version_affected": "<=" - }, - { - "version_value": "3.5.1", - "version_affected": "!" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,23 +21,60 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins promoted builds Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "3.9", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "3.5.1" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2293", "url": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2293", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2293" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210407 Multiple vulnerabilities in Jenkins and Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/04/07/2" + "url": "http://www.openwall.com/lists/oss-security/2021/04/07/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/04/07/2" } ] } diff --git a/2021/21xxx/CVE-2021-21642.json b/2021/21xxx/CVE-2021-21642.json index 47903cc6d2f..3609d78f225 100644 --- a/2021/21xxx/CVE-2021-21642.json +++ b/2021/21xxx/CVE-2021-21642.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21642", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Config File Provider Plugin", - "version": { - "version_data": [ - { - "version_value": "3.7.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-611: Improper Restriction of XML External Entity Reference" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Config File Provider Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "3.7.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2204", "url": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2204", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2204" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210421 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/04/21/2" + "url": "http://www.openwall.com/lists/oss-security/2021/04/21/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/04/21/2" } ] } diff --git a/2021/21xxx/CVE-2021-21643.json b/2021/21xxx/CVE-2021-21643.json index 3c25f7a9abc..5c612ff22d2 100644 --- a/2021/21xxx/CVE-2021-21643.json +++ b/2021/21xxx/CVE-2021-21643.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21643", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Config File Provider Plugin", - "version": { - "version_data": [ - { - "version_value": "3.7.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-863: Incorrect Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Config File Provider Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "3.7.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2254", "url": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2254", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2254" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210421 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/04/21/2" + "url": "http://www.openwall.com/lists/oss-security/2021/04/21/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/04/21/2" } ] } diff --git a/2021/21xxx/CVE-2021-21644.json b/2021/21xxx/CVE-2021-21644.json index 8481e5e940a..16b250fe5b4 100644 --- a/2021/21xxx/CVE-2021-21644.json +++ b/2021/21xxx/CVE-2021-21644.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21644", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Config File Provider Plugin", - "version": { - "version_data": [ - { - "version_value": "3.7.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Config File Provider Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "3.7.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2202", "url": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2202", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2202" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210421 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/04/21/2" + "url": "http://www.openwall.com/lists/oss-security/2021/04/21/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/04/21/2" } ] } diff --git a/2021/21xxx/CVE-2021-21645.json b/2021/21xxx/CVE-2021-21645.json index f5b13dc52d3..d29ac0048ab 100644 --- a/2021/21xxx/CVE-2021-21645.json +++ b/2021/21xxx/CVE-2021-21645.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21645", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Config File Provider Plugin", - "version": { - "version_data": [ - { - "version_value": "3.7.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Config File Provider Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "3.7.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2203", "url": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2203", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2203" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210421 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/04/21/2" + "url": "http://www.openwall.com/lists/oss-security/2021/04/21/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/04/21/2" } ] } diff --git a/2021/21xxx/CVE-2021-21646.json b/2021/21xxx/CVE-2021-21646.json index 0066cdf883d..c93763cd4ae 100644 --- a/2021/21xxx/CVE-2021-21646.json +++ b/2021/21xxx/CVE-2021-21646.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2021-21646", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Templating Engine Plugin", - "version": { - "version_data": [ - { - "version_value": "2.1", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,23 +21,48 @@ "description": [ { "lang": "eng", - "value": "CWE-693: Protection Mechanism Failure" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Templating Engine Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.1" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2311", "url": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2311", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2311" }, { - "refsource": "MLIST", - "name": "[oss-security] 20210421 Multiple vulnerabilities in Jenkins plugins", - "url": "http://www.openwall.com/lists/oss-security/2021/04/21/2" + "url": "http://www.openwall.com/lists/oss-security/2021/04/21/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2021/04/21/2" } ] } diff --git a/2022/34xxx/CVE-2022-34212.json b/2022/34xxx/CVE-2022-34212.json index 934ce1afde1..3e04493a6ca 100644 --- a/2022/34xxx/CVE-2022-34212.json +++ b/2022/34xxx/CVE-2022-34212.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34212", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins vRealize Orchestrator Plugin", - "version": { - "version_data": [ - { - "version_value": "3.0", - "version_affected": "<=" - }, - { - "version_value": "3.0", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins vRealize Orchestrator Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "3.0", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 3.0", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2279", "url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2279", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2279" } ] } diff --git a/2022/34xxx/CVE-2022-34213.json b/2022/34xxx/CVE-2022-34213.json index be84fa79c8b..79d3bd4eb7b 100644 --- a/2022/34xxx/CVE-2022-34213.json +++ b/2022/34xxx/CVE-2022-34213.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34213", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Squash TM Publisher (Squash4Jenkins) Plugin", - "version": { - "version_data": [ - { - "version_value": "1.0.0", - "version_affected": "<=" - }, - { - "version_value": "1.0.0", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-256: Plaintext Storage of a Password" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Squash TM Publisher (Squash4Jenkins) Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.0.0", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.0.0", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2089", "url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2089", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2089" } ] } diff --git a/2022/34xxx/CVE-2022-34777.json b/2022/34xxx/CVE-2022-34777.json index 76c2c9cde7b..30721f5a7fc 100644 --- a/2022/34xxx/CVE-2022-34777.json +++ b/2022/34xxx/CVE-2022-34777.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34777", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins GitLab Plugin", - "version": { - "version_data": [ - { - "version_value": "1.5.34", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins GitLab Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "1.5.34" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2316", "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2316", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2316" } ] } diff --git a/2022/34xxx/CVE-2022-34778.json b/2022/34xxx/CVE-2022-34778.json index 3ff4796b8d6..72daa2ef7c6 100644 --- a/2022/34xxx/CVE-2022-34778.json +++ b/2022/34xxx/CVE-2022-34778.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34778", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins TestNG Results Plugin", - "version": { - "version_data": [ - { - "version_value": "554.va4a552116332", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins TestNG Results Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "554.va4a552116332" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2788", "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2788", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2788" } ] } diff --git a/2022/34xxx/CVE-2022-34779.json b/2022/34xxx/CVE-2022-34779.json index 4876751bf9a..a1eb39cc70f 100644 --- a/2022/34xxx/CVE-2022-34779.json +++ b/2022/34xxx/CVE-2022-34779.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34779", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins XebiaLabs XL Release Plugin", - "version": { - "version_data": [ - { - "version_value": "22.0.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins XebiaLabs XL Release Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "22.0.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(1)", - "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(1)", - "refsource": "CONFIRM" + "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%281%29", + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%281%29" } ] } diff --git a/2022/34xxx/CVE-2022-34780.json b/2022/34xxx/CVE-2022-34780.json index c201d8d8a4b..9de4dec1871 100644 --- a/2022/34xxx/CVE-2022-34780.json +++ b/2022/34xxx/CVE-2022-34780.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34780", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins XebiaLabs XL Release Plugin", - "version": { - "version_data": [ - { - "version_value": "22.0.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-352: Cross-Site Request Forgery (CSRF)" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins XebiaLabs XL Release Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "22.0.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(2)", - "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(2)", - "refsource": "CONFIRM" + "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%282%29", + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%282%29" } ] } diff --git a/2022/34xxx/CVE-2022-34781.json b/2022/34xxx/CVE-2022-34781.json index 328c1d0ec8f..739451fe0e8 100644 --- a/2022/34xxx/CVE-2022-34781.json +++ b/2022/34xxx/CVE-2022-34781.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34781", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins XebiaLabs XL Release Plugin", - "version": { - "version_data": [ - { - "version_value": "22.0.0", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins XebiaLabs XL Release Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "22.0.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(2)", - "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(2)", - "refsource": "CONFIRM" + "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%282%29", + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%282%29" } ] } diff --git a/2022/34xxx/CVE-2022-34782.json b/2022/34xxx/CVE-2022-34782.json index ded309adf47..fe1973f45e3 100644 --- a/2022/34xxx/CVE-2022-34782.json +++ b/2022/34xxx/CVE-2022-34782.json @@ -1,36 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34782", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins requests-plugin Plugin", - "version": { - "version_data": [ - { - "version_value": "2.2.16", - "version_affected": "<=" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -45,18 +21,43 @@ "description": [ { "lang": "eng", - "value": "CWE-863: Incorrect Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins requests-plugin Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "unspecified", + "version_value": "2.2.16" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2650", "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2650", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2650" } ] } diff --git a/2022/34xxx/CVE-2022-34783.json b/2022/34xxx/CVE-2022-34783.json index b07eb78cb6f..61afc040bc0 100644 --- a/2022/34xxx/CVE-2022-34783.json +++ b/2022/34xxx/CVE-2022-34783.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34783", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Plot Plugin", - "version": { - "version_data": [ - { - "version_value": "2.1.10", - "version_affected": "<=" - }, - { - "version_value": "2.1.10", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Plot Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "2.1.10", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 2.1.10", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2220", "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2220", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2220" } ] } diff --git a/2022/34xxx/CVE-2022-34784.json b/2022/34xxx/CVE-2022-34784.json index 1706a1e5d58..f3114fe7a28 100644 --- a/2022/34xxx/CVE-2022-34784.json +++ b/2022/34xxx/CVE-2022-34784.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34784", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins build-metrics Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3", - "version_affected": "=" - }, - { - "version_value": "1.3", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,55 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins build-metrics Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "version": "1.3" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.3", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1118", "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1118", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1118" } ] } diff --git a/2022/34xxx/CVE-2022-34785.json b/2022/34xxx/CVE-2022-34785.json index ec58d58e2ab..2a45dd2e01a 100644 --- a/2022/34xxx/CVE-2022-34785.json +++ b/2022/34xxx/CVE-2022-34785.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34785", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins build-metrics Plugin", - "version": { - "version_data": [ - { - "version_value": "1.3", - "version_affected": "<=" - }, - { - "version_value": "1.3", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-862: Missing Authorization" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins build-metrics Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.3", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.3", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2643", "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2643", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2643" } ] } diff --git a/2022/34xxx/CVE-2022-34786.json b/2022/34xxx/CVE-2022-34786.json index a2fc793d4f0..8892981a90a 100644 --- a/2022/34xxx/CVE-2022-34786.json +++ b/2022/34xxx/CVE-2022-34786.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34786", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Rich Text Publisher Plugin", - "version": { - "version_data": [ - { - "version_value": "1.4", - "version_affected": "<=" - }, - { - "version_value": "1.4", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Rich Text Publisher Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.4", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.4", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2332", "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2332", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2332" } ] } diff --git a/2022/34xxx/CVE-2022-34787.json b/2022/34xxx/CVE-2022-34787.json index f68ea9c6bf2..847de438dcf 100644 --- a/2022/34xxx/CVE-2022-34787.json +++ b/2022/34xxx/CVE-2022-34787.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34787", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Project Inheritance Plugin", - "version": { - "version_data": [ - { - "version_value": "21.04.03", - "version_affected": "<=" - }, - { - "version_value": "21.04.03", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Project Inheritance Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "21.04.03", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 21.04.03", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1919", "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1919", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1919" } ] } diff --git a/2022/34xxx/CVE-2022-34788.json b/2022/34xxx/CVE-2022-34788.json index 9874a8502c3..bf6eba0c7bc 100644 --- a/2022/34xxx/CVE-2022-34788.json +++ b/2022/34xxx/CVE-2022-34788.json @@ -1,40 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-34788", "ASSIGNER": "jenkinsci-cert@googlegroups.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Jenkins project", - "product": { - "product_data": [ - { - "product_name": "Jenkins Matrix Reloaded Plugin", - "version": { - "version_data": [ - { - "version_value": "1.1.3", - "version_affected": "<=" - }, - { - "version_value": "1.1.3", - "version_affected": "?>" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -49,18 +21,57 @@ "description": [ { "lang": "eng", - "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + "value": "n/a" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Jenkins project", + "product": { + "product_data": [ + { + "product_name": "Jenkins Matrix Reloaded Plugin", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "1.1.3", + "status": "affected", + "version": "unspecified", + "versionType": "custom" + }, + { + "lessThan": "unspecified", + "status": "unknown", + "version": "next of 1.1.3", + "versionType": "custom" + } + ] + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1926", "url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1926", - "refsource": "CONFIRM" + "refsource": "MISC", + "name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1926" } ] } diff --git a/2022/36xxx/CVE-2022-36069.json b/2022/36xxx/CVE-2022-36069.json index 74737b6e216..bd6cc5a3a64 100644 --- a/2022/36xxx/CVE-2022-36069.json +++ b/2022/36xxx/CVE-2022-36069.json @@ -1,36 +1,12 @@ { - "CVE_data_meta": { - "ASSIGNER": "security-advisories@github.com", - "ID": "CVE-2022-36069", - "STATE": "PUBLIC", - "TITLE": "Poetry Argument Injection vulnerability can lead to local Code Execution" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "poetry", - "version": { - "version_data": [ - { - "version_value": "< 1.1.9" - } - ] - } - } - ] - }, - "vendor_name": "python-poetry" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2022-36069", + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" + }, "description": { "description_data": [ { @@ -39,55 +15,87 @@ } ] }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.3, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", - "value": "CWE-94: Improper Control of Generation of Code ('Code Injection')" + "value": "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "cweId": "CWE-94" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "python-poetry", + "product": { + "product_data": [ + { + "product_name": "poetry", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 1.1.9" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://github.com/python-poetry/poetry/releases/tag/1.1.9", + "url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-9xgj-fcgf-x6mw", "refsource": "MISC", - "url": "https://github.com/python-poetry/poetry/releases/tag/1.1.9" + "name": "https://github.com/python-poetry/poetry/security/advisories/GHSA-9xgj-fcgf-x6mw" }, { - "name": "https://github.com/python-poetry/poetry/releases/tag/1.2.0b1", + "url": "https://github.com/python-poetry/poetry/releases/tag/1.1.9", "refsource": "MISC", - "url": "https://github.com/python-poetry/poetry/releases/tag/1.2.0b1" + "name": "https://github.com/python-poetry/poetry/releases/tag/1.1.9" }, { - "name": "https://github.com/python-poetry/poetry/security/advisories/GHSA-9xgj-fcgf-x6mw", - "refsource": "CONFIRM", - "url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-9xgj-fcgf-x6mw" + "url": "https://github.com/python-poetry/poetry/releases/tag/1.2.0b1", + "refsource": "MISC", + "name": "https://github.com/python-poetry/poetry/releases/tag/1.2.0b1" + }, + { + "url": "https://www.sonarsource.com/blog/securing-developer-tools-package-managers/", + "refsource": "MISC", + "name": "https://www.sonarsource.com/blog/securing-developer-tools-package-managers/" } ] }, "source": { "advisory": "GHSA-9xgj-fcgf-x6mw", "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + ] } } \ No newline at end of file diff --git a/2023/20xxx/CVE-2023-20198.json b/2023/20xxx/CVE-2023-20198.json index 8640991adc2..c0456e44fcb 100644 --- a/2023/20xxx/CVE-2023-20198.json +++ b/2023/20xxx/CVE-2023-20198.json @@ -67,6 +67,11 @@ "url": "https://www.darkreading.com/vulnerabilities-threats/critical-unpatched-cisco-zero-day-bug-active-exploit", "refsource": "MISC", "name": "https://www.darkreading.com/vulnerabilities-threats/critical-unpatched-cisco-zero-day-bug-active-exploit" + }, + { + "url": "https://www.cisa.gov/guidance-addressing-cisco-ios-xe-web-ui-vulnerabilities", + "refsource": "MISC", + "name": "https://www.cisa.gov/guidance-addressing-cisco-ios-xe-web-ui-vulnerabilities" } ] }, diff --git a/2023/3xxx/CVE-2023-3858.json b/2023/3xxx/CVE-2023-3858.json index 35761793bab..04df85ed157 100644 --- a/2023/3xxx/CVE-2023-3858.json +++ b/2023/3xxx/CVE-2023-3858.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2023/3xxx/CVE-2023-3859.json b/2023/3xxx/CVE-2023-3859.json index d2886db7670..c6663921b78 100644 --- a/2023/3xxx/CVE-2023-3859.json +++ b/2023/3xxx/CVE-2023-3859.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/3xxx/CVE-2023-3860.json b/2023/3xxx/CVE-2023-3860.json index 62f9e69354e..0ed3cbf0468 100644 --- a/2023/3xxx/CVE-2023-3860.json +++ b/2023/3xxx/CVE-2023-3860.json @@ -87,8 +87,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2023/3xxx/CVE-2023-3861.json b/2023/3xxx/CVE-2023-3861.json index 84639b1e261..d6b41fcd971 100644 --- a/2023/3xxx/CVE-2023-3861.json +++ b/2023/3xxx/CVE-2023-3861.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2023/3xxx/CVE-2023-3862.json b/2023/3xxx/CVE-2023-3862.json index 07088589d36..2e40d143f33 100644 --- a/2023/3xxx/CVE-2023-3862.json +++ b/2023/3xxx/CVE-2023-3862.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 2.6, - "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", - "baseSeverity": "LOW" + "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N" } ] } diff --git a/2023/3xxx/CVE-2023-3871.json b/2023/3xxx/CVE-2023-3871.json index 047de3628d2..a8c076e9790 100644 --- a/2023/3xxx/CVE-2023-3871.json +++ b/2023/3xxx/CVE-2023-3871.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/3xxx/CVE-2023-3872.json b/2023/3xxx/CVE-2023-3872.json index 6b2f6e78a1e..2a1d3203560 100644 --- a/2023/3xxx/CVE-2023-3872.json +++ b/2023/3xxx/CVE-2023-3872.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/3xxx/CVE-2023-3873.json b/2023/3xxx/CVE-2023-3873.json index 43b3cc43c78..2d9161b2624 100644 --- a/2023/3xxx/CVE-2023-3873.json +++ b/2023/3xxx/CVE-2023-3873.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 7.5, - "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", - "baseSeverity": "HIGH" + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/3xxx/CVE-2023-3874.json b/2023/3xxx/CVE-2023-3874.json index 6b29c4dd79a..3cfb1a7d5a8 100644 --- a/2023/3xxx/CVE-2023-3874.json +++ b/2023/3xxx/CVE-2023-3874.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/3xxx/CVE-2023-3875.json b/2023/3xxx/CVE-2023-3875.json index 772b9e63cd4..890c89d4bb8 100644 --- a/2023/3xxx/CVE-2023-3875.json +++ b/2023/3xxx/CVE-2023-3875.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/3xxx/CVE-2023-3876.json b/2023/3xxx/CVE-2023-3876.json index 4ad8d51dd72..c3ff87a31c5 100644 --- a/2023/3xxx/CVE-2023-3876.json +++ b/2023/3xxx/CVE-2023-3876.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/3xxx/CVE-2023-3877.json b/2023/3xxx/CVE-2023-3877.json index 969ec13e67d..d5321c8b5d3 100644 --- a/2023/3xxx/CVE-2023-3877.json +++ b/2023/3xxx/CVE-2023-3877.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/3xxx/CVE-2023-3878.json b/2023/3xxx/CVE-2023-3878.json index 1e5600ba3be..27273f4e116 100644 --- a/2023/3xxx/CVE-2023-3878.json +++ b/2023/3xxx/CVE-2023-3878.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/3xxx/CVE-2023-3879.json b/2023/3xxx/CVE-2023-3879.json index c1e0348833f..6b75e3d4ffd 100644 --- a/2023/3xxx/CVE-2023-3879.json +++ b/2023/3xxx/CVE-2023-3879.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/46xxx/CVE-2023-46071.json b/2023/46xxx/CVE-2023-46071.json index b69162b5b62..8360b423f16 100644 --- a/2023/46xxx/CVE-2023-46071.json +++ b/2023/46xxx/CVE-2023-46071.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-46071", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ClickDatos Protecci\u00f3n de Datos RGPD plugin <=\u00a03.1.0 versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ClickDatos", + "product": { + "product_data": [ + { + "product_name": "Protecci\u00f3n de Datos RGPD", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "3.1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/click-datos-lopd/wordpress-proteccion-de-datos-rgpd-plugin-3-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/click-datos-lopd/wordpress-proteccion-de-datos-rgpd-plugin-3-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "LEE SE HYOUNG (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/46xxx/CVE-2023-46610.json b/2023/46xxx/CVE-2023-46610.json new file mode 100644 index 00000000000..cb83c983bf7 --- /dev/null +++ b/2023/46xxx/CVE-2023-46610.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46610", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46611.json b/2023/46xxx/CVE-2023-46611.json new file mode 100644 index 00000000000..378c7f9c6f5 --- /dev/null +++ b/2023/46xxx/CVE-2023-46611.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46611", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46612.json b/2023/46xxx/CVE-2023-46612.json new file mode 100644 index 00000000000..759845b7132 --- /dev/null +++ b/2023/46xxx/CVE-2023-46612.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46612", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46613.json b/2023/46xxx/CVE-2023-46613.json new file mode 100644 index 00000000000..cf0953e1dd0 --- /dev/null +++ b/2023/46xxx/CVE-2023-46613.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46613", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46614.json b/2023/46xxx/CVE-2023-46614.json new file mode 100644 index 00000000000..fe4c3f192e9 --- /dev/null +++ b/2023/46xxx/CVE-2023-46614.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46614", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46615.json b/2023/46xxx/CVE-2023-46615.json new file mode 100644 index 00000000000..49e2eb37f34 --- /dev/null +++ b/2023/46xxx/CVE-2023-46615.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46615", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46616.json b/2023/46xxx/CVE-2023-46616.json new file mode 100644 index 00000000000..278134f78b1 --- /dev/null +++ b/2023/46xxx/CVE-2023-46616.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46616", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46617.json b/2023/46xxx/CVE-2023-46617.json new file mode 100644 index 00000000000..ab540d4f2cc --- /dev/null +++ b/2023/46xxx/CVE-2023-46617.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46617", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46618.json b/2023/46xxx/CVE-2023-46618.json new file mode 100644 index 00000000000..48a30544b30 --- /dev/null +++ b/2023/46xxx/CVE-2023-46618.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46618", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46619.json b/2023/46xxx/CVE-2023-46619.json new file mode 100644 index 00000000000..b9ac34a284e --- /dev/null +++ b/2023/46xxx/CVE-2023-46619.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46619", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46620.json b/2023/46xxx/CVE-2023-46620.json new file mode 100644 index 00000000000..16210625020 --- /dev/null +++ b/2023/46xxx/CVE-2023-46620.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46620", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/46xxx/CVE-2023-46621.json b/2023/46xxx/CVE-2023-46621.json new file mode 100644 index 00000000000..5a7ca5c54d7 --- /dev/null +++ b/2023/46xxx/CVE-2023-46621.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-46621", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/4xxx/CVE-2023-4585.json b/2023/4xxx/CVE-2023-4585.json index 674f1b3db0b..27b54d9d095 100644 --- a/2023/4xxx/CVE-2023-4585.json +++ b/2023/4xxx/CVE-2023-4585.json @@ -79,9 +79,9 @@ "references": { "reference_data": [ { - "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1833504%2C1841082%2C1847904%2C1848999", + "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999", "refsource": "MISC", - "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1833504%2C1841082%2C1847904%2C1848999" + "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/", diff --git a/2023/5xxx/CVE-2023-5146.json b/2023/5xxx/CVE-2023-5146.json index 627a8505091..a44e7b52e7d 100644 --- a/2023/5xxx/CVE-2023-5146.json +++ b/2023/5xxx/CVE-2023-5146.json @@ -119,8 +119,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5147.json b/2023/5xxx/CVE-2023-5147.json index e78417ae893..1961346cbc0 100644 --- a/2023/5xxx/CVE-2023-5147.json +++ b/2023/5xxx/CVE-2023-5147.json @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5148.json b/2023/5xxx/CVE-2023-5148.json index bd600eec736..0ffed6d636f 100644 --- a/2023/5xxx/CVE-2023-5148.json +++ b/2023/5xxx/CVE-2023-5148.json @@ -119,8 +119,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5149.json b/2023/5xxx/CVE-2023-5149.json index a619e5ce8a9..44caacf28f1 100644 --- a/2023/5xxx/CVE-2023-5149.json +++ b/2023/5xxx/CVE-2023-5149.json @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5150.json b/2023/5xxx/CVE-2023-5150.json index 2c63a673ca5..bfa51d1dca2 100644 --- a/2023/5xxx/CVE-2023-5150.json +++ b/2023/5xxx/CVE-2023-5150.json @@ -119,8 +119,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5151.json b/2023/5xxx/CVE-2023-5151.json index e5c16edfa6d..73a79087297 100644 --- a/2023/5xxx/CVE-2023-5151.json +++ b/2023/5xxx/CVE-2023-5151.json @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5152.json b/2023/5xxx/CVE-2023-5152.json index 34c5fa17d6f..e5faa9392a0 100644 --- a/2023/5xxx/CVE-2023-5152.json +++ b/2023/5xxx/CVE-2023-5152.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-8000 up to 20151231. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation of the argument sql leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240248. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced." + "value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-7000 and DAR-8000 up to 20151231. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation of the argument sql leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240248. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced." }, { "lang": "deu", - "value": "** UNSUPPPORTED WHEN ASSIGNED ** Eine kritische Schwachstelle wurde in D-Link DAR-8000 bis 20151231 entdeckt. Betroffen davon ist ein unbekannter Prozess der Datei /importexport.php. Durch Manipulieren des Arguments sql mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + "value": "** UNSUPPPORTED WHEN ASSIGNED ** Eine kritische Schwachstelle wurde in D-Link DAR-7000 and DAR-8000 bis 20151231 entdeckt. Betroffen davon ist ein unbekannter Prozess der Datei /importexport.php. Durch Manipulieren des Arguments sql mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, @@ -39,6 +39,17 @@ "vendor_name": "D-Link", "product": { "product_data": [ + { + "product_name": "DAR-7000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "20151231" + } + ] + } + }, { "product_name": "DAR-8000", "version": { @@ -103,8 +114,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5153.json b/2023/5xxx/CVE-2023-5153.json index f68d420f9ca..9478ac0d6f5 100644 --- a/2023/5xxx/CVE-2023-5153.json +++ b/2023/5xxx/CVE-2023-5153.json @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5154.json b/2023/5xxx/CVE-2023-5154.json index 15557e9cd64..7471b8a33eb 100644 --- a/2023/5xxx/CVE-2023-5154.json +++ b/2023/5xxx/CVE-2023-5154.json @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5221.json b/2023/5xxx/CVE-2023-5221.json index 3636af33360..233c140dd03 100644 --- a/2023/5xxx/CVE-2023-5221.json +++ b/2023/5xxx/CVE-2023-5221.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 5.8, - "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5222.json b/2023/5xxx/CVE-2023-5222.json index 3254c9d9329..906c672b56b 100644 --- a/2023/5xxx/CVE-2023-5222.json +++ b/2023/5xxx/CVE-2023-5222.json @@ -110,8 +110,7 @@ { "version": "2.0", "baseScore": 5.8, - "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/5xxx/CVE-2023-5732.json b/2023/5xxx/CVE-2023-5732.json index 490187b2ffd..6cc9b260f9d 100644 --- a/2023/5xxx/CVE-2023-5732.json +++ b/2023/5xxx/CVE-2023-5732.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox ESR < 115.4." + "value": "An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4." } ] }, @@ -34,6 +34,18 @@ "vendor_name": "Mozilla", "product": { "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "117" + } + ] + } + }, { "product_name": "Firefox ESR", "version": { @@ -45,6 +57,18 @@ } ] } + }, + { + "product_name": "Thunderbird", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "unspecified", + "version_value": "115.4" + } + ] + } } ] } @@ -59,10 +83,25 @@ "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1690979" }, + { + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1836962", + "refsource": "MISC", + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1836962" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2023-34/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2023-34/" + }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-46/", "refsource": "MISC", "name": "https://www.mozilla.org/security/advisories/mfsa2023-46/" + }, + { + "url": "https://www.mozilla.org/security/advisories/mfsa2023-47/", + "refsource": "MISC", + "name": "https://www.mozilla.org/security/advisories/mfsa2023-47/" } ] },