admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-10-25 17:36:51 +00:00
parent 68bf127277
commit ce8def3a1d
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
100 changed files with 2725 additions and 2146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
2019/10xxx/CVE-2019-10307.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10307",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Static Analysis Utilities Plugin",
"version": {
"version_data": [
{
"version_value": "1.95 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-352"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Static Analysis Utilities Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.95 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1100",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1100"
}
]

69
2019/10xxx/CVE-2019-10308.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10308",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Static Analysis Utilities Plugin",
"version": {
"version_data": [
{
"version_value": "1.95 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-285"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Static Analysis Utilities Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.95 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1100",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1100"
}
]

81
2019/10xxx/CVE-2019-10309.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10309",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Self-Organizing Swarm Plug-in Modules Plugin",
"version": {
"version_data": [
{
"version_value": "3.15 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,32 +21,56 @@
"description": [
{
"lang": "eng",
"value": "CWE-611"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Self-Organizing Swarm Plug-in Modules Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.15 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
},
{
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0783",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0783"
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0783",
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0783"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1252",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1252"
}
]

81
2019/10xxx/CVE-2019-10310.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10310",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Ansible Tower Plugin",
"version": {
"version_data": [
{
"version_value": "0.9.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,32 +21,56 @@
"description": [
{
"lang": "eng",
"value": "CWE-352"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Ansible Tower Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.9.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
},
{
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0786",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0786"
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0786",
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0786"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355"
}
]

69
2019/10xxx/CVE-2019-10311.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10311",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Ansible Tower Plugin",
"version": {
"version_data": [
{
"version_value": "0.9.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-285"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Ansible Tower Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.9.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355"
}
]

69
2019/10xxx/CVE-2019-10312.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10312",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Ansible Tower Plugin",
"version": {
"version_data": [
{
"version_value": "0.9.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-285"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Ansible Tower Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.9.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1355"
}
]

69
2019/10xxx/CVE-2019-10313.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10313",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Twitter Plugin",
"version": {
"version_data": [
{
"version_value": "0.7 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Twitter Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.7 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1143",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1143"
}
]

69
2019/10xxx/CVE-2019-10314.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10314",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Koji Plugin",
"version": {
"version_data": [
{
"version_value": "0.3 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-295"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Koji Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.3 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-936",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-936"
}
]

69
2019/10xxx/CVE-2019-10315.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10315",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins GitHub Authentication Plugin",
"version": {
"version_data": [
{
"version_value": "0.31 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-352"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins GitHub Authentication Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.31 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-443",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-443"
}
]

69
2019/10xxx/CVE-2019-10316.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10316",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Aqua MicroScanner Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.5 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Aqua MicroScanner Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0.5 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1380",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1380"
}
]

69
2019/10xxx/CVE-2019-10317.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10317",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins SiteMonitor Plugin",
"version": {
"version_data": [
{
"version_value": "0.5 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-295"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins SiteMonitor Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.5 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-930",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-930"
}
]

69
2019/10xxx/CVE-2019-10318.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10318",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Azure AD Plugin",
"version": {
"version_data": [
{
"version_value": "0.3.3 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,27 +21,51 @@
"description": [
{
"lang": "eng",
"value": "CWE-256"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Azure AD Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.3.3 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/04/30/5"
},
{
"refsource": "BID",
"name": "108159",
"url": "http://www.securityfocus.com/bid/108159"
"url": "http://www.securityfocus.com/bid/108159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108159"
},
{
"url": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1390",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1390"
}
]

63
2019/10xxx/CVE-2019-10319.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10319",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins PAM Authentication Plugin",
"version": {
"version_data": [
{
"version_value": "1.5 and earlier, except 1.4.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,22 +21,46 @@
"description": [
{
"lang": "eng",
"value": "CWE-285"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins PAM Authentication Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.5 and earlier, except 1.4.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190521 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/05/21/1"
"url": "http://www.openwall.com/lists/oss-security/2019/05/21/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/05/21/1"
},
{
"url": "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1316",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1316"
}
]

103
2019/10xxx/CVE-2019-10320.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10320",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Credentials Plugin",
"version": {
"version_data": [
{
"version_value": "2.1.18 and earlier"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -44,47 +21,71 @@
"description": [
{
"lang": "eng",
"value": "CWE-200"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Credentials Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.1.18 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190521 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/05/21/1"
},
{
"refsource": "FULLDISC",
"name": "20190524 Exploring the File System via Jenkins Credentials Plugin Vulnerability - CVE-2019-10320",
"url": "http://seclists.org/fulldisclosure/2019/May/39"
},
{
"refsource": "BID",
"name": "108462",
"url": "http://www.securityfocus.com/bid/108462"
},
{
"url": "http://www.openwall.com/lists/oss-security/2019/05/21/1",
"refsource": "MISC",
"name": "https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320/",
"url": "https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320/"
"name": "http://www.openwall.com/lists/oss-security/2019/05/21/1"
},
{
"refsource": "REDHAT",
"name": "RHBA-2019:1605",
"url": "https://access.redhat.com/errata/RHBA-2019:1605"
"url": "http://seclists.org/fulldisclosure/2019/May/39",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2019/May/39"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1636",
"url": "https://access.redhat.com/errata/RHSA-2019:1636"
"url": "http://www.securityfocus.com/bid/108462",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/108462"
},
{
"url": "https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320/",
"refsource": "MISC",
"name": "https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320/"
},
{
"url": "https://access.redhat.com/errata/RHBA-2019:1605",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHBA-2019:1605"
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:1636",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2019:1636"
},
{
"url": "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322",
"refsource": "CONFIRM",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322"
}
]

69
2020/2xxx/CVE-2020-2250.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2250",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins SoapUI Pro Functional Testing Plugin",
"version": {
"version_data": [
{
"version_value": "1.3",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-256: Unprotected Storage of Credentials"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins SoapUI Pro Functional Testing Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(1)",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(1)",
"refsource": "CONFIRM"
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20%281%29",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20%281%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}

87
2020/2xxx/CVE-2020-2251.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2251",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins SoapUI Pro Functional Testing Plugin",
"version": {
"version_data": [
{
"version_value": "1.5",
"version_affected": "<="
},
{
"version_value": "1.5",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-319: Cleartext Transmission of Sensitive Information"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins SoapUI Pro Functional Testing Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.5",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(2)",
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20(2)",
"refsource": "CONFIRM"
"url": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20%282%29",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2020-09-01/#SECURITY-1631%20%282%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200901 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/01/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/01/3"
}
]
}

91
2020/2xxx/CVE-2020-2252.json
View File

@ -1,44 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2252",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Mailer Plugin",
"version": {
"version_data": [
{
"version_value": "1.32",
"version_affected": "<="
},
{
"version_value": "1.29.1",
"version_affected": "!"
},
{
"version_value": "1.31.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -53,23 +21,64 @@
"description": [
{
"lang": "eng",
"value": "CWE-297: Improper Validation of Certificate with Host Mismatch"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Mailer Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.32",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.29.1"
},
{
"status": "unaffected",
"version": "1.31.1"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

91
2020/2xxx/CVE-2020-2253.json
View File

@ -1,44 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2253",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Email Extension Plugin",
"version": {
"version_data": [
{
"version_value": "2.75",
"version_affected": "<="
},
{
"version_value": "2.69.1",
"version_affected": "!"
},
{
"version_value": "2.68.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -53,23 +21,64 @@
"description": [
{
"lang": "eng",
"value": "CWE-297: Improper Validation of Certificate with Host Mismatch"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Email Extension Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "2.75",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.69.1"
},
{
"status": "unaffected",
"version": "2.68.1"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

83
2020/2xxx/CVE-2020-2254.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2254",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Blue Ocean Plugin",
"version": {
"version_data": [
{
"version_value": "1.23.2",
"version_affected": "<="
},
{
"version_value": "1.19.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,60 @@
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Blue Ocean Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.23.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.19.2"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

83
2020/2xxx/CVE-2020-2255.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2255",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Blue Ocean Plugin",
"version": {
"version_data": [
{
"version_value": "1.23.2",
"version_affected": "<="
},
{
"version_value": "1.19.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,60 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Blue Ocean Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.23.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.19.2"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

67
2020/2xxx/CVE-2020-2256.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2256",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Pipeline Maven Integration Plugin",
"version": {
"version_data": [
{
"version_value": "3.9.2",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Pipeline Maven Integration Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.9.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1976",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1976",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1976"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

67
2020/2xxx/CVE-2020-2257.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2257",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Validating String Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "2.4",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Validating String Parameter Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1935",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1935",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1935"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

91
2020/2xxx/CVE-2020-2258.json
View File

@ -1,44 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2258",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Health Advisor by CloudBees Plugin",
"version": {
"version_data": [
{
"version_value": "3.2.0",
"version_affected": "<="
},
{
"version_value": "3.1.1",
"version_affected": "!"
},
{
"version_value": "3.0.2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -53,23 +21,64 @@
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Health Advisor by CloudBees Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "3.2.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "3.1.1"
},
{
"status": "unaffected",
"version": "3.0.2"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1998",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1998",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1998"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

67
2020/2xxx/CVE-2020-2259.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2259",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins computer-queue-plugin Plugin",
"version": {
"version_data": [
{
"version_value": "1.5",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins computer-queue-plugin Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1912",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1912",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1912"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

67
2020/2xxx/CVE-2020-2260.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2260",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Perfecto Plugin",
"version": {
"version_data": [
{
"version_value": "1.17",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Perfecto Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.17"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1979",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1979",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1979"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

67
2020/2xxx/CVE-2020-2261.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2261",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Perfecto Plugin",
"version": {
"version_data": [
{
"version_value": "1.17",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Perfecto Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.17"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1980",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1980",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1980"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

85
2020/2xxx/CVE-2020-2262.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2262",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Android Lint Plugin",
"version": {
"version_data": [
{
"version_value": "2.6",
"version_affected": "<="
},
{
"version_value": "2.6",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Android Lint Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "2.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 2.6",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1908",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1908",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1908"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

85
2020/2xxx/CVE-2020-2263.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2263",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Radiator View Plugin",
"version": {
"version_data": [
{
"version_value": "1.29",
"version_affected": "<="
},
{
"version_value": "1.29",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Radiator View Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.29",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.29",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1927",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1927",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1927"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

85
2020/2xxx/CVE-2020-2264.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-2264",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Custom Job Icon Plugin",
"version": {
"version_data": [
{
"version_value": "0.2",
"version_affected": "<="
},
{
"version_value": "0.2",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Custom Job Icon Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "0.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0.2",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1914",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1914",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1914"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
}
]
}

76
2021/21xxx/CVE-2021-21632.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21632",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins OWASP Dependency-Track Plugin",
"version": {
"version_data": [
{
"version_value": "1.1.0",
"version_affected": ">="
},
{
"version_value": "3.1.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,53 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins OWASP Dependency-Track Plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.1.0",
"version_value": "unspecified"
},
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250",
"url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
}
]
}

76
2021/21xxx/CVE-2021-21633.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21633",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins OWASP Dependency-Track Plugin",
"version": {
"version_data": [
{
"version_value": "1.1.0",
"version_affected": ">="
},
{
"version_value": "3.1.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,53 @@
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins OWASP Dependency-Track Plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.1.0",
"version_value": "unspecified"
},
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250",
"url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2250"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
}
]
}

67
2021/21xxx/CVE-2021-21634.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21634",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Jabber (XMPP) notifier and control Plugin",
"version": {
"version_data": [
{
"version_value": "1.41",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-256: Unprotected Storage of Credentials"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Jabber (XMPP) notifier and control Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.41"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2162",
"url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2162",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2162"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
}
]
}

67
2021/21xxx/CVE-2021-21635.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21635",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins REST List Parameter Plugin",
"version": {
"version_data": [
{
"version_value": "1.3.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins REST List Parameter Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.3.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2261",
"url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2261",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2261"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
}
]
}

87
2021/21xxx/CVE-2021-21636.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21636",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Team Foundation Server Plugin",
"version": {
"version_data": [
{
"version_value": "5.157.1",
"version_affected": "<="
},
{
"version_value": "5.157.1",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Team Foundation Server Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "5.157.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 5.157.1",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(1)",
"url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(1)",
"refsource": "CONFIRM"
"url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%281%29",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%281%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
}
]
}

87
2021/21xxx/CVE-2021-21637.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21637",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Team Foundation Server Plugin",
"version": {
"version_data": [
{
"version_value": "5.157.1",
"version_affected": "<="
},
{
"version_value": "5.157.1",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Team Foundation Server Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "5.157.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 5.157.1",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(2)",
"url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(2)",
"refsource": "CONFIRM"
"url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%282%29",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%282%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
}
]
}

87
2021/21xxx/CVE-2021-21638.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21638",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Team Foundation Server Plugin",
"version": {
"version_data": [
{
"version_value": "5.157.1",
"version_affected": "<="
},
{
"version_value": "5.157.1",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,62 @@
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Team Foundation Server Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "5.157.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 5.157.1",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(2)",
"url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20(2)",
"refsource": "CONFIRM"
"url": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%282%29",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-03-30/#SECURITY-2283%20%282%29"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210330 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
"url": "http://www.openwall.com/lists/oss-security/2021/03/30/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/03/30/1"
}
]
}

71
2021/21xxx/CVE-2021-21639.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21639",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.286",
"version_affected": "<="
},
{
"version_value": "LTS 2.277.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.286"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1721",
"url": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1721",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1721"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210407 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/2"
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/04/07/2"
}
]
}

71
2021/21xxx/CVE-2021-21640.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21640",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "2.286",
"version_affected": "<="
},
{
"version_value": "LTS 2.277.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-240: Improper Handling of Inconsistent Structural Elements"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.286"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1871",
"url": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1871",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-1871"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210407 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/2"
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/04/07/2"
}
]
}

83
2021/21xxx/CVE-2021-21641.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21641",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins promoted builds Plugin",
"version": {
"version_data": [
{
"version_value": "3.9",
"version_affected": "<="
},
{
"version_value": "3.5.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,23 +21,60 @@
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins promoted builds Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "3.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "3.5.1"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2293",
"url": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2293",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2293"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210407 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/2"
"url": "http://www.openwall.com/lists/oss-security/2021/04/07/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/04/07/2"
}
]
}

67
2021/21xxx/CVE-2021-21642.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21642",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Config File Provider Plugin",
"version": {
"version_data": [
{
"version_value": "3.7.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-611: Improper Restriction of XML External Entity Reference"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Config File Provider Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.7.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2204",
"url": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2204",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2204"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210421 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/04/21/2"
"url": "http://www.openwall.com/lists/oss-security/2021/04/21/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/04/21/2"
}
]
}

67
2021/21xxx/CVE-2021-21643.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21643",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Config File Provider Plugin",
"version": {
"version_data": [
{
"version_value": "3.7.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Config File Provider Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.7.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2254",
"url": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2254",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2254"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210421 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/04/21/2"
"url": "http://www.openwall.com/lists/oss-security/2021/04/21/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/04/21/2"
}
]
}

67
2021/21xxx/CVE-2021-21644.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21644",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Config File Provider Plugin",
"version": {
"version_data": [
{
"version_value": "3.7.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Config File Provider Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.7.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2202",
"url": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2202",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2202"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210421 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/04/21/2"
"url": "http://www.openwall.com/lists/oss-security/2021/04/21/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/04/21/2"
}
]
}

67
2021/21xxx/CVE-2021-21645.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21645",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Config File Provider Plugin",
"version": {
"version_data": [
{
"version_value": "3.7.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Config File Provider Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "3.7.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2203",
"url": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2203",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2203"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210421 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/04/21/2"
"url": "http://www.openwall.com/lists/oss-security/2021/04/21/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/04/21/2"
}
]
}

67
2021/21xxx/CVE-2021-21646.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-21646",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Templating Engine Plugin",
"version": {
"version_data": [
{
"version_value": "2.1",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,23 +21,48 @@
"description": [
{
"lang": "eng",
"value": "CWE-693: Protection Mechanism Failure"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Templating Engine Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2311",
"url": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2311",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2021-04-21/#SECURITY-2311"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210421 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2021/04/21/2"
"url": "http://www.openwall.com/lists/oss-security/2021/04/21/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/04/21/2"
}
]
}

79
2022/34xxx/CVE-2022-34212.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34212",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins vRealize Orchestrator Plugin",
"version": {
"version_data": [
{
"version_value": "3.0",
"version_affected": "<="
},
{
"version_value": "3.0",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins vRealize Orchestrator Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 3.0",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2279",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2279",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2279"
}
]
}

79
2022/34xxx/CVE-2022-34213.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34213",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Squash TM Publisher (Squash4Jenkins) Plugin",
"version": {
"version_data": [
{
"version_value": "1.0.0",
"version_affected": "<="
},
{
"version_value": "1.0.0",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-256: Plaintext Storage of a Password"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Squash TM Publisher (Squash4Jenkins) Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.0.0",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2089",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2089",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2089"
}
]
}

61
2022/34xxx/CVE-2022-34777.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34777",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins GitLab Plugin",
"version": {
"version_data": [
{
"version_value": "1.5.34",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins GitLab Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "1.5.34"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2316",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2316",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2316"
}
]
}

61
2022/34xxx/CVE-2022-34778.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34778",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins TestNG Results Plugin",
"version": {
"version_data": [
{
"version_value": "554.va4a552116332",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins TestNG Results Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "554.va4a552116332"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2788",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2788",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2788"
}
]
}

63
2022/34xxx/CVE-2022-34779.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34779",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins XebiaLabs XL Release Plugin",
"version": {
"version_data": [
{
"version_value": "22.0.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins XebiaLabs XL Release Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "22.0.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(1)",
"refsource": "CONFIRM"
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%281%29",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%281%29"
}
]
}

63
2022/34xxx/CVE-2022-34780.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34780",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins XebiaLabs XL Release Plugin",
"version": {
"version_data": [
{
"version_value": "22.0.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins XebiaLabs XL Release Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "22.0.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(2)",
"refsource": "CONFIRM"
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%282%29",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%282%29"
}
]
}

63
2022/34xxx/CVE-2022-34781.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34781",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins XebiaLabs XL Release Plugin",
"version": {
"version_data": [
{
"version_value": "22.0.0",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins XebiaLabs XL Release Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "22.0.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20(2)",
"refsource": "CONFIRM"
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%282%29",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2773%20%282%29"
}
]
}

61
2022/34xxx/CVE-2022-34782.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34782",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins requests-plugin Plugin",
"version": {
"version_data": [
{
"version_value": "2.2.16",
"version_affected": "<="
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,18 +21,43 @@
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins requests-plugin Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "unspecified",
"version_value": "2.2.16"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2650",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2650",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2650"
}
]
}

79
2022/34xxx/CVE-2022-34783.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34783",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Plot Plugin",
"version": {
"version_data": [
{
"version_value": "2.1.10",
"version_affected": "<="
},
{
"version_value": "2.1.10",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Plot Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "2.1.10",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 2.1.10",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2220",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2220",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2220"
}
]
}

77
2022/34xxx/CVE-2022-34784.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34784",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins build-metrics Plugin",
"version": {
"version_data": [
{
"version_value": "1.3",
"version_affected": "="
},
{
"version_value": "1.3",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,55 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins build-metrics Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "1.3"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.3",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1118",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1118",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1118"
}
]
}

79
2022/34xxx/CVE-2022-34785.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34785",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins build-metrics Plugin",
"version": {
"version_data": [
{
"version_value": "1.3",
"version_affected": "<="
},
{
"version_value": "1.3",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins build-metrics Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.3",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2643",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2643",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2643"
}
]
}

79
2022/34xxx/CVE-2022-34786.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34786",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Rich Text Publisher Plugin",
"version": {
"version_data": [
{
"version_value": "1.4",
"version_affected": "<="
},
{
"version_value": "1.4",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Rich Text Publisher Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.4",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2332",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2332",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-2332"
}
]
}

79
2022/34xxx/CVE-2022-34787.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34787",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Project Inheritance Plugin",
"version": {
"version_data": [
{
"version_value": "21.04.03",
"version_affected": "<="
},
{
"version_value": "21.04.03",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Project Inheritance Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "21.04.03",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 21.04.03",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1919",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1919",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1919"
}
]
}

79
2022/34xxx/CVE-2022-34788.json
View File

@ -1,40 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-34788",
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Matrix Reloaded Plugin",
"version": {
"version_data": [
{
"version_value": "1.1.3",
"version_affected": "<="
},
{
"version_value": "1.1.3",
"version_affected": "?>"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -49,18 +21,57 @@
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Jenkins project",
"product": {
"product_data": [
{
"product_name": "Jenkins Matrix Reloaded Plugin",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "1.1.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 1.1.3",
"versionType": "custom"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1926",
"url": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1926",
"refsource": "CONFIRM"
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2022-06-30/#SECURITY-1926"
}
]
}

140
2022/36xxx/CVE-2022-36069.json
View File

@ -1,36 +1,12 @@
{
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-36069",
"STATE": "PUBLIC",
"TITLE": "Poetry Argument Injection vulnerability can lead to local Code Execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "poetry",
"version": {
"version_data": [
{
"version_value": "< 1.1.9"
}
]
}
}
]
},
"vendor_name": "python-poetry"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-36069",
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
@ -39,8 +15,74 @@
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "python-poetry",
"product": {
"product_data": [
{
"product_name": "poetry",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 1.1.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-9xgj-fcgf-x6mw",
"refsource": "MISC",
"name": "https://github.com/python-poetry/poetry/security/advisories/GHSA-9xgj-fcgf-x6mw"
},
{
"url": "https://github.com/python-poetry/poetry/releases/tag/1.1.9",
"refsource": "MISC",
"name": "https://github.com/python-poetry/poetry/releases/tag/1.1.9"
},
{
"url": "https://github.com/python-poetry/poetry/releases/tag/1.2.0b1",
"refsource": "MISC",
"name": "https://github.com/python-poetry/poetry/releases/tag/1.2.0b1"
},
{
"url": "https://www.sonarsource.com/blog/securing-developer-tools-package-managers/",
"refsource": "MISC",
"name": "https://www.sonarsource.com/blog/securing-developer-tools-package-managers/"
}
]
},
"source": {
"advisory": "GHSA-9xgj-fcgf-x6mw",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
@ -54,40 +96,6 @@
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/python-poetry/poetry/releases/tag/1.1.9",
"refsource": "MISC",
"url": "https://github.com/python-poetry/poetry/releases/tag/1.1.9"
},
{
"name": "https://github.com/python-poetry/poetry/releases/tag/1.2.0b1",
"refsource": "MISC",
"url": "https://github.com/python-poetry/poetry/releases/tag/1.2.0b1"
},
{
"name": "https://github.com/python-poetry/poetry/security/advisories/GHSA-9xgj-fcgf-x6mw",
"refsource": "CONFIRM",
"url": "https://github.com/python-poetry/poetry/security/advisories/GHSA-9xgj-fcgf-x6mw"
}
]
},
"source": {
"advisory": "GHSA-9xgj-fcgf-x6mw",
"discovery": "UNKNOWN"
}
}

5
2023/20xxx/CVE-2023-20198.json
View File

@ -67,6 +67,11 @@
"url": "https://www.darkreading.com/vulnerabilities-threats/critical-unpatched-cisco-zero-day-bug-active-exploit",
"refsource": "MISC",
"name": "https://www.darkreading.com/vulnerabilities-threats/critical-unpatched-cisco-zero-day-bug-active-exploit"
},
{
"url": "https://www.cisa.gov/guidance-addressing-cisco-ios-xe-web-ui-vulnerabilities",
"refsource": "MISC",
"name": "https://www.cisa.gov/guidance-addressing-cisco-ios-xe-web-ui-vulnerabilities"
}
]
},

3
2023/3xxx/CVE-2023-3858.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3859.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3860.json
View File

@ -87,8 +87,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3861.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3862.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"baseSeverity": "LOW"
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3871.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3872.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3873.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseSeverity": "HIGH"
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3874.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3875.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3876.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3877.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3878.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3879.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

85
2023/46xxx/CVE-2023-46071.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46071",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ClickDatos Protecci\u00f3n de Datos RGPD plugin <=\u00a03.1.0 versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ClickDatos",
"product": {
"product_data": [
{
"product_name": "Protecci\u00f3n de Datos RGPD",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "3.1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/vulnerability/click-datos-lopd/wordpress-proteccion-de-datos-rgpd-plugin-3-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/click-datos-lopd/wordpress-proteccion-de-datos-rgpd-plugin-3-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "LEE SE HYOUNG (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
]
}

18
2023/46xxx/CVE-2023-46610.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46610",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46611.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46611",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46612.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46612",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46613.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46613",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46614.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46614",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46615.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46615",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46616.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46616",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46617.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46617",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46618.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46618",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46619.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46619",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46620.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46620",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46621.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46621",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

4
2023/4xxx/CVE-2023-4585.json
View File

@ -79,9 +79,9 @@
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1833504%2C1841082%2C1847904%2C1848999",
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1833504%2C1841082%2C1847904%2C1848999"
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/",

3
2023/5xxx/CVE-2023-5146.json
View File

@ -119,8 +119,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5147.json
View File

@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5148.json
View File

@ -119,8 +119,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5149.json
View File

@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5150.json
View File

@ -119,8 +119,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5151.json
View File

@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

18
2023/5xxx/CVE-2023-5152.json
View File

@ -11,11 +11,11 @@
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-8000 up to 20151231. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation of the argument sql leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240248. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-7000 and DAR-8000 up to 20151231. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation of the argument sql leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240248. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
},
{
"lang": "deu",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Eine kritische Schwachstelle wurde in D-Link DAR-8000 bis 20151231 entdeckt. Betroffen davon ist ein unbekannter Prozess der Datei /importexport.php. Durch Manipulieren des Arguments sql mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Eine kritische Schwachstelle wurde in D-Link DAR-7000 and DAR-8000 bis 20151231 entdeckt. Betroffen davon ist ein unbekannter Prozess der Datei /importexport.php. Durch Manipulieren des Arguments sql mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
@ -39,6 +39,17 @@
"vendor_name": "D-Link",
"product": {
"product_data": [
{
"product_name": "DAR-7000",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20151231"
}
]
}
},
{
"product_name": "DAR-8000",
"version": {
@ -103,8 +114,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5153.json
View File

@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5154.json
View File

@ -103,8 +103,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5221.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P"
}
]
}

3
2023/5xxx/CVE-2023-5222.json
View File

@ -110,8 +110,7 @@
{
"version": "2.0",
"baseScore": 5.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

41
2023/5xxx/CVE-2023-5732.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox ESR < 115.4."
"value": "An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4."
}
]
},
@ -34,6 +34,18 @@
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "117"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
@ -45,6 +57,18 @@
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "115.4"
}
]
}
}
]
}
@ -59,10 +83,25 @@
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1690979"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1836962",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1836962"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-34/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-46/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-46/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-47/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2023-47/"
}
]
},